How can one use variables in a template or template part without polluting the global scope?

I feel there is a bit of confusion — let me try and clarify some key concepts. A WordPress installation can potentially run huge amounts of 3rd party code. Code you can’t control. That leads to a high chance of naming collisions. That’s why WordPress coding standards suggest “namespacing” functions and variables declared in …

Sanitization of HTML output itself

The more elaborate the data is, the harder it is to both formulate and implement a sanitization process. For a number this might be as simple as “integer” and (int)$number. For HTML this is highly non-trivial, with different possibilities of desired scope (no HTML tags? some blacklisted tags? some whitelisted tags? what about embedded scripts? CSS?) …

PHP Code Sniffer – WordPress VIP Coding Standards

You can use filter_input to sanitize your $_POST array: $nonce = filter_input( INPUT_POST, 'revv_meta_box_nonce', FILTER_SANITIZE_STRING ); Use empty() to check whether $nonce has a value or not. You can use the same for the second issue: $foo = filter_input( INPUT_POST, 'foo', FILTER_SANITIZE_STRING ); Change the 3rd parameter based on your expected data in $_POST['foo']. Check this doc for …

Standard technique for AJAX post endpoint: WP REST or WP API?

You can use the wp_ajax action: add_action( 'wp_ajax_my_awesome_ajax', 'my_awesome_func' ); add_action( 'wp_ajax_nopriv_my_awesome_ajax', 'my_awesome_func' ); function my_awesome_func() { // Handle request with $_POST wp_die(); } You can submit the contact form with jQuery post: jQuery.post( my_awesome_js.ajaxurl, { 'action': 'my_awesome_ajax', 'data': 'some data' }, function(response){ alert(response); } ); For the my_awesome_js.ajaxurl you use wp_localize_script: wp_enqueue_script('my_awesome_js', '/path/to/your/script/above.js', array('jquery')); wp_localize_script('my_awesome_js', 'my_awesome_js', array( …

WP nonce verification

If this is coming from a form you can use this code to add the nonce to it: // Create a nonce, and add it as a query var in a link to perform an action. $nonce = wp_create_nonce( 'my-nonce' ); <form action='youraction?_wpnonce=<?php echo $nonce?>'> <!-- Form Contents --> </form> Then you can add this …