Menu Sidebar
Menu

Writing Secure WordPress Code

A few weeks ago I gave a presentation at WordCamp Europe on writing secure WordPress code. The methods I described in my presentation are extremely important when writing code for WordPress. Whether you are a theme designer or a hardcore plugin developer, you should follow all of these security measures to verify your code is as secure as possible. My presentation slides are below:

WordCamp Europe Is Next Week!

Next week I will be attending and speaking at the first ever WordCamp Europe! The event takes place October 5th-7th in Leiden, Netherlands. WordCamp Europe is going to be an amazing event with a insane amount of awesome presentations.

WordCamp Europe 2013 SpeakerI will be presenting on Writing Secure WordPress Code. I’m scheduled to be the last presentation on Saturday at 17:15. I’ll be covering tips and functions available in WordPress that can help you keep your code as secure as possible. Whether you’re a plugin developer or build themes, it’s extremely important to understand how to secure your code from hacks and exploits.

As awesome as this event is going to be, I’m just as excited to see many of my friends at the event. The Attendees list is a who’s who of WordPress awesomeness. I have so many European friends in the WordPress community that will be in attendance so I can’t wait to hang out!

If you’re attending WordCamp Europe make sure you track me down and say hi!

Grub Soda

One of my favorite drinks lately has been what I call: Grub Soda. It’s a delicious, refreshing, and low-calorie drink for any occasion. If you’d like to try it follow the instructions below.

grape_three_olives_vodka
Ingredients:

  • Club Soda
  • Grape Vodka

To make, simply mix 1/3 parts Grape Vodka with 2/3 parts Club Soda. I prefer Three Olives vodka, but really any grape flavored vodka will do. Mix with a spoon and enjoy!

Do You Want Professional WordPress Plugin Development Second Edition?

Recently I’ve been thinking about my book Professional WordPress Plugin Development, and whether there’s enough demand for a second edition.

Over the years I’ve received some amazing feedback from readers, many of whom have since released plugins on WordPress.org after reading the book. The book is an amazing resource for anyone creating custom plugins in WordPress, from beginners to experts alike. I use the book on an almost daily basis to refresh my memory on proper techniques, functions, and hooks to use when building plugins.

The original Professional WordPress Plugin Development was written for WordPress 3.1, which was released over 2 years ago. The book is still the highest rated WordPress development book on Amazon, with a solid 5-star rating.
pro-wordpress-5-star-reviews

I have two questions for you:

  • Do you want to see a second edition?
  • What would you like to see in a second edition?

I’d love to hear your thoughts in the comments below!

How To: Create a Network Only Plugin in WordPress

If you’ve ever created a custom plugin in WordPress, you should be familiar with the standard plugin header code. The information set in your plugin header is displayed under the Plugins admin menu in WordPress shown below:

wordpress-plugin-header-example

There is a lesser known piece of information that can be defined in your plugin header that tells WordPress to only show your plugin on the WordPress Multisite Network Plugins page. This will hide your plugin from being displayed and activated at the site level in WordPress Multisite. To only allow your plugin to show at the Network Plugins level, simply add this one line to your plugin header code:

Network: true

Easy, right? Let’s look at an example comparing a standard plugin header with a network only plugin header.

Standard Plugin Header:

/*
Plugin Name: My Awesome Plugin
Plugin URI: http://webdevstudios.com/support/wordpress-plugins/
Description: This is my extremely awesome WordPress plugin
Version: 1.0
Author: Brad Williams
Author URI: http://webdevstudios.com
License: GPLv2
*/

Network Only Plugin Header:

/*
Plugin Name: My Awesome Plugin
Plugin URI: http://webdevstudios.com/support/wordpress-plugins/
Description: This is my extremely awesome WordPress plugin
Version: 1.0
Author: Brad Williams
Author URI: http://webdevstudios.com
License: GPLv2
Network: True
*/

Using this method you can be sure your WordPress plugin will only be network activated in Multisite.

The First WordSesh Was a Huge Success!

wordsesh-badge-speakingWordSesh, the first ever 24 hour free live streaming WordPress event, took place just a few short days ago. I had the privilege of helping organize and run the event with Scott Basgaard and Chris Cochran. The event was a huge success that featured an epic list of presenters from the WordPress Community.

Below are a few of the presentations that I enjoyed the most:

DradCast Kickoff Episode


Dre and I hosted a special WordSesh kickoff edition of the DradCast hosted by Scott Basgaard. We had a great time discussing how WordSesh was thought up, the logistics behind organizing an online only event, and some fun WordPress news.

Scoping Projects to Avoid Stress, Headaches & Angry Mobs


Lisa gave a great presentation on scoping projects for clients, which is a topic any entrepreneur can benefit from. She shares her experience with a client and ways she could have made the project run smoother by creating a detailed proposal and spec upfront.

WordPress Plugins, Code, and the Ecosystem in General


Brian and Pippin present on plugins and the ecosystem around them. They both have a wealth of knowledge that all WordPress plugins developers could learn from.

Everything & anything you’ve ever wanted to know about BuddyPress & bbPress


John’s presentation on BuddyPress and bbPress is a fun walkthrough on the history of both projects. John discusses the initial releases, journey to their current state, and also touches on the future of both BuddyPress and bbPress.

The best part of WordSesh is that all presentations are available online! To view any of the amazing videos visit the WordSesh YouTube page. Also be sure to follow @WordSesh on Twitter for updates on future events.

WordSesh proved that an online only WordPress event is something the community not only needs, but absolutely loves. Stay tuned for WordSesh 2!

How To: Get the Current Logged in User ID in WordPress

When developing custom themes and plugins for WordPress there are times you will need to get the logged in user’s ID. There are a few different ways to accomplish this, but I’m going to show you the easiest method. To get the user’s ID you’ll use the get_current_user_id() function like so:

$current_user_id = get_current_user_id();
echo 'Your User ID is: ' .$current_user_id;

The get_current_user_id() function will return the currently logged in user’s ID, or 0 if a user is not logged in. Another popular method, which requires a bit more code, is the get_currentuserinfo() function. The method I described above actually uses the wp_get_current_user() function, which is a wrapper for get_currentuserinfo(). So using get_current_user_id() is just a faster method for retrieving the same data. This function was added in WordPress 3.0 as part of the Multisite code merge into WordPress.

To learn more about the get_current_user_id() function check out the Codex article or consult the WordPress core.

Newer Posts
Older Posts

Brad Williams Blog

WordPress and the Web

Who is Brad?

Brad Williams picture

Brad Williams is a computer programmer and tech junkie who enjoys exploring technology and sharing his knowledge and experience with others.

 

CEO of WebDevStudiosMaintainn, and Pluginize. Co-author of Professional WordPress and Professional WordPress Plugin Development.

 

Brad resides in Philadelphia.

 

 Subscribe in a reader

Professional WordPress Third Edition

Professional WordPress Plugin Development