Extend WordPress with plugins using this advanced WordPress development book, updated for the current version
This significantly updated edition of Professional WordPress Plugin Development addresses modern plugin development for WordPress, the highly popular content management system (CMS). If you’re using WordPress to create and manage websites, WordPress plugins are the software that can extend or enhance CMS functionality. This book offers guidance on writing plugins for WordPress sites to share or sell to other users.
The second edition of Professional WordPress Plugin Development covers the building of advanced plugin development scenarios. It discusses the plugin framework and coding standards as well as dashboards, settings, menus, and related application programming interfaces (APIs). Additional topics include security, performance, data validation, and SQL statements.
• Learn about the power of hooks in WordPress
• Discover how JavaScript and Ajax will work in your site
• Understand key technologies: Block Editor/Gutenberg, JS/React, PHP, and the REST API
• Create and use custom post types and taxonomies.
• Creating custom dashboard menus and plugin settings
• Work with users and user data
• Schedule tasks and utilizing Cron
• Performance and security considerations
Written by experienced plugin developers, Professional WordPress Plugin Development also helps you internationalize and localize your WordPress website. Find out about debugging systems and optimizing your site for speed. As WordPress use continues to increase, you can elevate your professional knowledge of how to extend WordPress through plugins.
By:
Brad Williams,
Justin Tadlock,
John James Jacoby
Imprint: Wrox Press
Country of Publication: United States
Edition: 2nd edition
Dimensions:
Height: 234mm,
Width: 185mm,
Spine: 25mm
Weight: 794g
ISBN: 9781119666943
ISBN 10: 1119666945
Pages: 480
Publication Date: 21 May 2020
Audience:
Professional and scholarly
,
Undergraduate
Format: Paperback
Publisher's Status: Active
Introduction xxxi Chapter 1: An Introduction to Plugins 1 What is a Plugin? 1 How Plugins Interact with WordPress 2 When are Plugins Loaded? 3 Available Plugins 4 Official Plugin Directory 4 Popular Plugin Examples 4 Popular Plugin Tags 5 Advantages of Plugins 5 Not Modifying Core 5 Why Reinvent the Wheel? 5 Separating Plugins and Themes 6 Easy Updates 7 Easier to Share and Reuse 7 Plugin Sandbox 7 Plugin Community 7 Installing and Managing Plugins 8 Installing a Plugin 8 Managing Plugins 9 Editing Plugins 9 Plugin Directories 9 Types of Plugins 10 Summary 11 Chapter 2: Plugin Framework 13 Requirements for Plugins 13 Naming Your Plugin 14 Using a Folder 14 Best Practices 14 Namespace Everything 14 File Organization 15 Folder Structure 16 Plugin Header 17 Creating the Header 17 Plugin License 18 Determining Paths 19 Plugin Paths 19 Local Paths 19 URL Paths 20 Activate/Deactivate Functions 22 Plugin Activation Function 22 Plugin Deactivation Function 23 Deactivate is Not Uninstall 23 Uninstall Methods 24 Why Uninstall is Necessary 24 Uninstall.php 24 Uninstall Hook 25 Coding Standards 25 Document Your Code 26 Naming Variables and Functions 27 Naming Classes and Methods 27 Naming Files 28 Single and Double Quotes 28 Indentation 28 Brace Style 29 Space Usage 29 Shorthand PHP 30 SQL Statements 30 Summary 30 Chapter 3: Dashboard And Settings 31 Adding Menus and Submenus 31 Creating a Top-Level Menu 32 Adding a Submenu 33 Adding a Menu Item to an Existing Menu 34 Plugin Settings 36 The Options API 36 Saving Options 36 Saving an Array of Options 37 Updating Options 37 Retrieving Options 38 Loading an Array of Options 39 Deleting Options 40 The Autoload Parameter 40 Segregating Plugin Options 41 Toggling the Autoload Parameter 42 The Settings API 42 Benefits of the Settings API 42 Settings API Functions 43 Creating the Plugin Administration Page 43 Registering New Settings 44 Defining Sections and Settings 44 Validating User Input 46 Rendering the Form 47 All Done! 48 Wrapping It Up: A Complete Plugin Management Page 48 Improving Feedback on Validation Errors 51 Expanding with Additional Field Types 52 Adding Fields to an Existing Page 59 How It Works 59 Adding a Section to an Existing Page 59 Adding Only Fields 60 WordPress’ Sections and Setting Fields 61 User Interface Concerns 62 Removing Settings 62 Keeping It Consistent 63 Using the WordPress UI 64 Headings 64 Dashicons 64 Messages 65 Buttons 66 Form Fields 67 Tables 68 Pagination 69 Summary 70 Chapter 4: Security And Performance 71 Security Overview 72 What Securing Your Plugin is 72 What Securing Your Plugin is Not 72 User Permissions 72 How to Check current_user_can() 73 Do Not Check Too Early 73 Nonces 74 Authority vs. Intention 74 What is a Nonce? 75 How to Create and Verify Nonces 75 Creating a Nonce URL 76 Creating a Nonce Field 76 Creating and Verifying a Nonce in a Plugin 77 Data Validation and Sanitization 78 The Need for Data Validation and Sanitization 78 Good Practice: Identifying Potentially Tainted Data 80 Validating or Sanitizing Input? 81 Validating and Sanitizing Cookbook 81 Integers 81 Arbitrary Text Strings 82 Key and Identifier Strings 83 Email Strings 84 URLs 84 HTML 86 JavaScript 88 Environment and Server Variables 88 Arrays of Data 89 Database Queries 89 Formatting SQL Statements 90 The $wpdb Object 90 Why wpdb Methods are Superior 91 All-in-One Methods 91 $wpdb->update() 92 $wpdb->insert() 92 Common Methods 93 Select a Variable 93 Select a Row 94 Select a Column 94 Select Generic Results 95 Generic Queries 96 Protecting Queries against SQL Injections 96 Security Good Habits 97 Performance Overview 97 Caching 98 Saving Cached Data 98 Loading and Using Cached Data 99 Deleting Cached Data 99 Caching Data within a Plugin 100 Transients 101 Saving an Expiring Option 102 Retrieving an Expiring Option 102 Deleting an Expiring Option 102 A Practical Example Using Transients 102 Technical Details 103 Transient Ideas 103 Summary 104 Chapter 5: Hooks 105 Understanding Hooks 105 Actions 106 What is an Action? 107 Action Hook Functions 108 remove_action() 108 remove_all_actions() 109 do_action_ref_array 110 has_action 111 did_action() 112 current_action 112 register_activation_hook and register_deactivation_hook 113 Commonly Used Action Hooks 113 plugins_loaded 113 init 114 admin_menu 115 save_post 116 wp_head 116 Filters 117 What is a Filter? 118 Filter Hook Functions 119 remove_filter 119 remove_all_filters 120 apply_filters_ref_array 121 has_filter 122 current_filter 122 Quick Return Functions 123 Commonly Used Filter Hooks 124 the_content 124 template_include 125 Using Hooks from within a Class 126 Using Hooks with Anonymous Functions 127 Creating Custom Hooks 128 Benefits of Creating Custom Hooks 128 Custom Action Hook Example 128 Custom Filter Hook Example 129 Finding Hooks 129 Searching for Hooks in the Core Code 130 Variable Hooks 130 Hook Reference Lists 130 Summary 131 Chapter 6: Javascript 133 Registering Scripts 134 Enqueueing Scripts 135 Limiting Scope 136 Localizing Scripts 136 Inline Scripts 137 Overview of Bundled Scripts 139 jQuery UI and Other Scripts 139 The WP Global 140 a11y Speak 140 Escaping 140 i18n 140 Heartbeat 141 Polyfills 141 Your Custom Scripts 141 jQuery 142 Benefits of Using jQuery 142 jQuery Crash Course 142 The jQuery Object 143 Syntax and Chaining 143 No-Conflict Mode in WordPress 144 Launching Code on Document Ready 144 Ajax 145 Backbone/Underscore 146 React 146 Summary 147 Chapter 7: Blocks And Gutenberg 149 What is Gutenberg? 149 Touring Gutenberg 151 Practical Examples 155 WooCommerce 156 The Events Calendar 157 Post Type Switcher 158 Technology Stack of Gutenberg 159 JavaScript 160 PHP 161 Node.js 162 webpack 163 Babel 163 React 163 JSX 163 ES6 163 “Hello World!” Block 164 PHP 164 JavaScript 164 webpack 165 Command Line 166 Activation 167 Wrap-Up 167 WP-CLI Scaffolding 168 Plugin 168 Blocks 169 Includes 169 Activation 169 Wrap-Up 169 create-guten-block Toolkit 170 Installation 171 Activation 171 Wrap-Up 173 Block Directory 173 Summary 174 Chapter 8: Content 175 Creating Custom Post Types 176 Post Type Possibilities 176 Registering a Post Type 177 register_post_type 177 Registering the Book Collection Post Type 177 Setting Post Type Labels 179 Using Custom Capabilities 180 Attaching Existing Taxonomies 182 Post Metadata 183 Registering Post Metadata 183 Adding Post Metadata 184 Retrieving Post Metadata 185 Updating Post Metadata 186 Deleting Post Metadata 186 Meta Boxes 187 What is a Meta Box? 187 Adding a Custom Meta Box 188 Saving Meta Box Data 190 Creating Custom Taxonomies 191 Understanding Taxonomies 192 Registering a Custom Taxonomy 192 register_taxonomy 193 Registering the Genre Taxonomy 193 Assigning a Taxonomy to a Post Type 194 Using Custom Taxonomies 195 Retrieving a Taxonomy 196 Using a Taxonomy with Posts 196 Taxonomy Conditional Tags 197 taxonomy_exists 197 is_taxonomy_hierarchical 198 is_tax 198 A Post Type, Post Metadata, and Taxonomy Plugin 199 Summary 204 Chapter 9: Users And User Data 205 Working with Users 206 User Functions 206 is_user_logged_in() 206 get_users() 207 count_users 207 Creating, Updating, and Deleting Users 208 Creating a New User 209 Updating an Existing User 211 Deleting an Existing User 212 User Data 213 Getting a User Object and Data 213 Getting the Current User Object 215 Getting User Post Counts 215 User Metadata 217 Adding User Metadata 218 Retrieving User Metadata 218 Updating User Metadata 219 Deleting User Metadata 220 Creating a Plugin with User Metadata 220 Roles and Capabilities 223 What are Roles and Capabilities? 223 Default Roles 224 Custom Roles 224 Limiting Access 225 Checking User Permissions 225 Is the User an Admin? 227 Customizing Roles 228 Creating a Role 228 Deleting a Role 230 Adding Capabilities to a Role 230 Removing Capabilities from a Role 231 A Custom Role and Capability Plugin 231 Summary 233 Chapter 10: Scheduled Tasks 235 What is Cron? 235 How is Cron Executed? 236 Scheduling Cron Events 236 Scheduling a Recurring Event 236 Scheduling a Single Event 238 Unscheduling an Event 240 Specifying Your Own Cron Intervals 241 Viewing Scheduled Cron Events 242 True Cron 247 Practical Use 247 The Blog Pester Plugin 247 Deleting Post Revisions Weekly 250 The Delete Comments Plugin 253 Summary 258 Chapter 11: Internationalization 259 Internationalization and Localization 260 Why Internationalize? 260 Understanding Internationalization in Professional Work 261 Getting Your Plugin Ready for Translation 261 Echoing and Returning Strings 262 The __() Function 262 The _e() Function 263 The esc_attr__() Function 263 The esc_attr_e() Function 264 The esc_html__() Function 264 The esc_html_e() Function 264 The _x() Function 264 The _ex() Function 265 The esc_attr_x() Function 266 The esc_html_x() Function 266 The _n() Function 267 The _nx() Function 268 The _n_noop() Function 269 The _nx_noop() Function 270 Using Placeholders 271 Internationalizing JavaScript 273 Developer Handbook Resource 275 Creating Translation Files 275 The MO and PO Files 276 Translation Tools 276 How to Create a POT File 277 Command Line 278 Where to Store Translation Files 278 Summary 278 Chapter 12: Rest Api 279 What the REST API is 279 What You Can Do with the REST API 280 Accessing the WordPress REST API 281 Default Endpoints 282 REST API Clients 283 Insomnia 283 Postman 283 Authentication 284 Enhanced Authentication 285 Custom Endpoints 286 The HTTP API 289 What is an HTTP Request? 289 HTTP Request Concepts 289 Dissecting an HTTP Transaction 289 Some Caveats on Checking HTTP Responses 291 Possibilities for Crafting HTTP Requests 292 How to Make HTTP Requests in PHP 292 Using the HTTP Extension 292 Using fopen() Streams 293 Using a Standard fopen() 293 Using fsockopen() 293 Using the CURL Extension 294 Too Many Ways? 294 WordPress’ HTTP Functions 294 The wp_remote_ Functions 294 wp_remote_* Input Parameters 295 wp_remote_* Return Values 297 wp_remote_ Companion Functions 302 Advanced Configuration and Tips 303 Proxy Support 303 Filtering Requests and Responses 304 Bringing It All Together 307 Create 307 Update 309 Delete 309 Resources 313 Summary 313 Chapter 13: Multisite 315 Terminology 316 Advantages of Multisite 317 Enabling Multisite in WordPress 317 Multisite Functions 319 The Site ID 319 Common Functions 319 Switching and Restoring Sites 321 Network Content Shortcode Examples 325 A Network Content Widget Example 330 Creating a New Site 336 Site Options 342 Network Options 342 Site Meta 343 Users and Roles 343 Super Admin 348 Checking the Site Owner 349 Network Stats 350 Database Schema 350 Multisite-Specific Tables 350 Site-Specific Tables 351 Query Classes 351 WP_Site_Query 351 WP_Network_Query 352 Object Classes 352 WP_Site 352 WP_Network 352 Summary 352 Chapter 14: The Kitchen Sink 353 Querying and Displaying Posts 353 Use Case for Displaying Posts 354 WP_Query Overview 354 The Loop 355 Shortcodes 358 What Shortcodes are 358 Register Custom Shortcodes 359 Building a Simple Shortcode 360 Building a Shortcode with Parameters 362 Building a Shortcode with Content 364 Shortcode Tips 366 Think Simplicity for the User 366 Remember That Shortcodes are Dynamic 366 Look under the Hood 367 remove_shortcode() 367 remove_all_shortcodes() 367 strip_shortcodes() 367 do_shortcode() 367 Widgets 368 Creating a Widget 368 Dashboard Widgets 377 Creating Dashboard Widgets 378 Creating a Dashboard Widget with Options 380 Rewrite Rules 384 Why Rewrite URLs 384 Permalink Principles 384 Search Engine Friendly 384 User Friendly 385 Apache’s mod_rewrite 385 URL Rewriting in WordPress 385 How WordPress Handles Queries 386 Overview of the Query Process 386 The Rewrite Object 387 The Query Object 388 What Plugins Can Do 389 Practical Uses 389 Rewriting a URL to Create a List of Shops 389 Creating a New Permalink Structure and Integrating Non-WordPress Pages 391 The Heartbeat API 395 What is the Heartbeat API? 395 Using the Heartbeat API 395 Sending Data 395 Receiving and Responding to Data 395 Processing the Response 396 Full Heartbeat API Plugin 396 Summary 398 Chapter 15: Debugging 399 Compatibility 399 Supporting Many WordPress Versions 400 Playing Nicely with Other WordPress Plugins 401 Keeping Current with WordPress Development 402 Deprecation 404 Dealing with Obsolete Client Installs 404 Debugging 405 Enabling Debugging 406 Displaying Debug Output 406 Understanding Debug Output 407 Error Logging 410 Enabling Error Logging 410 Setting Log File Location 411 Understanding the Log File 411 Query Monitor 411 Summary 414 Chapter 16: The Developer Toolbox 415 Core as Reference 415 PHP Inline Documentation 416 JavaScript Inline Documentation 417 Finding Functions 417 Common Core Files 418 formatting.php 418 functions.php 418 pluggable.php 419 plugin.php 419 post.php 419 user.php 420 Plugin Developer Handbook 420 Navigating the Handbook 420 Code Reference 420 Codex 421 Searching the Codex 421 Function Reference 422 Tool Websites 422 PHPXref 422 Hooks Database 423 Community Resources 424 Make WordPress 424 Support Forums 424 WordPress Slack 425 WordPress Development Updates 425 WordPress Ideas 426 Community News Sites 426 WordPress News 426 WordPress Planet 426 Post Status 426 Know the Code 426 LinkedIn Learning 427 Twitter 427 Local Events 427 Tools 427 Browser 427 Editor 428 NetBeans IDE 428 PhpStorm 428 Notepad++ 428 TextMate 428 Sublime Text 428 Visual Studio Code 429 Deploying Files with FTP, SFTP, and SSH 429 phpMyAdmin 429 Summary 430 Index 431
About the authors Brad Williams is CEO and cofounder of WebDevStudios, a WordPress design and development firm. He is coauthor of Professional WordPress Design and Development. Justin Tadlock is a plugin and theme developer with over a decade of professional experience. He currently writes for WP Tavern. John James Jacoby has authored dozens of popular WordPress plugins and leads the development of bbPress and BuddyPress. He has contributed to every major WordPress version since 2008.
