1. YOU’RE DOING IT WRONG
Chris Scott - @chrisscott - slideshare.net/iamzed
photo by mimk http://www.flickr.com/photos/mimk/222612527/
2. Thanks
• Dion Hulse’s (DD32) two part series on doing it wrong:
• http://dd32.id.au/2009/11/01/youre-doing-it-wrong-1/
• http://dd32.id.au/2009/11/01/youre-doing-it-wrong-2/
• http://dd32.id.au/2009/11/24/how-to-do-it-right-part-0/
• Michael Pretty for ideas and telling me what I’m doing wrong
• Sean O’Shaughnessy for ideas and graphics
3. New Features in a Year: 2.7 - 2.8.6
• Sticky posts
• Comment threading and paging
• Widgets API
• Load scripts minified by default
• Load scripts in the footer
• esc_* functions
• security fixes
• and much more...
20. Use $wpdb Methods
global $wpdb;
$wpdb->update(
    $articles,
    array('review' => $rating),
    compact('post_id')
);
RIGHT
21. Not Validating/Escaping User Input
<label for="title"><?php echo get_option('my_plugin_option_title'); ?></label>
<input type="text" id="value" name="value" value="<?php echo get_option('my_plugin_option_value'); ?>">
WRONG
22. Validate and Escape User Input
<label for="title"><?php echo esc_html(get_option('my_plugin_option_title')); ?></label>
<input type="text" id="value" name="value" value="<?php echo esc_attr(get_option('my_plugin_option_value')); ?>">
RIGHT
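The slide shows the escaping half only; this added example (not from the original slides) pairs it with validation at save time through the Settings API. It assumes WordPress 4.7 or later, and the option group `my_plugin_options`, the `my_plugin_*` function names and the allowed-character rule are hypothetical.

```php
<?php
/**
 * Added example, not from the original slides. Assumes it is loaded as part of
 * a WordPress plugin (WordPress 4.7+ for the 'sanitize_callback' argument).
 * The option group and my_plugin_* function names are hypothetical; the option
 * names are the ones used on the slides.
 */

// Validate on the way in: every save through options.php passes the callback.
add_action('admin_init', 'my_plugin_register_settings');
function my_plugin_register_settings() {
    register_setting('my_plugin_options', 'my_plugin_option_title', array(
        'type'              => 'string',
        'sanitize_callback' => 'sanitize_text_field', // strips tags and line breaks
        'default'           => '',
    ));
    register_setting('my_plugin_options', 'my_plugin_option_value', array(
        'type'              => 'string',
        'sanitize_callback' => 'my_plugin_sanitize_value',
        'default'           => '',
    ));
}

// Assumed rule: a short token of letters, digits, space, "_" or "-".
// Anything else is rejected and the previously stored value is kept.
function my_plugin_sanitize_value($input) {
    $input = sanitize_text_field($input);
    if (!preg_match('/^[A-Za-z0-9 _-]{0,64}$/', $input)) {
        add_settings_error('my_plugin_option_value', 'invalid_value',
            'Value may only contain letters, digits, spaces, "_" and "-".');
        return get_option('my_plugin_option_value', '');
    }
    return $input;
}

// Escape on the way out, using the function that matches the output context.
function my_plugin_render_field() {
    $title = get_option('my_plugin_option_title', '');
    $value = get_option('my_plugin_option_value', '');
    ?>
    <label for="value"><?php echo esc_html($title); ?></label>
    <input type="text" id="value" name="my_plugin_option_value"
           value="<?php echo esc_attr($value); ?>">
    <?php
}
```

Output escaping stays in place even with the save-time check, because the option can also be written by other code paths that bypass the callback's intent, such as a database import.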
23. Not Using Caching
$response = wp_remote_get($url);
if (!is_wp_error($response)
    && $response['response']['code'] == '200')
{
    $data = $response['body'];
}
// ... do something with data ...
WRONG
24. Use Caching
if (!$data = wp_cache_get('my_external_data')) {
    $response = wp_remote_get($url);
    if (!is_wp_error($response) &&
        $response['response']['code'] == '200')
    {
        $data = $response['body'];
        wp_cache_set('my_external_data', $data);
    }
}
// ... do something with data ...
RIGHT