corenominal

Full stack web developer, interested in all the things, but especially the web, code, design, Linux, OS X, PHP, WordPress, JavaScript & robots.

Tagged: wordpress

Full stack log: 20170325

It’s Saturday and my day off, but I’ve been dipping in-and-out of the WordPress theme that I’ve been working on. I’ve mostly continued to work on the case study templates that I started yesterday, but I’ve also made a few tweaks here-and-there and performed some more content editing.

Normally, I try not to work at the weekends, but with a deadline looming, I wanted to get ahead of the game. Besides, working at the weekend can actually be quite enjoyable as I tend to sit down at the computer when I feel like it. Today for example, I’ve been showing potential buyers around our house (we’re selling it and moving somewhere new), and between viewings, I passed the time by doing some coding. It was a very relaxed kind of work.

Full stack log: 20170324

First thing this morning, I edited a bunch of contributor posts in WordPress. Being an Editor is a role I seem to have picked up. TBH, I enjoy doing it — it’s good to not be coding all the time. Also, I know the WordPress editor pretty well and I know what to look for when editing posts, e.g. posts have been correctly categorised and tagged, featured images have been uploaded etc. Does being an Editor fit under the role of a full stack developer? Most definitely not, but I suspect it does for many, especially those working in small teams.

For the remainder of the day, I mostly worked on a WordPress theme that I have been developing to replace an ageing website. The deadline for the launch of the new website is the end of this month. I have 5 working days to complete the project. Today’s work involved creating some template files to show content for a custom post type. The post type is for case studies and it features a lot of custom fields and multiple featured images. Nothing ground breaking, but the template turned out well and the case studies look good.

Full stack log: 20170323

This morning, I spent some time fixing a flexbox layout that was exhibiting some rendering issues in Internet Explorer 11. Turns out that IE has a few flexbox bugs, no surprises there, grrr.

This afternoon, I mostly created a promotional video for Red Nose Day. Most of the footage for the video was shot on my iPhone 6s. I cut the video together using Final Cut Pro X. I’m not sure if video editing is considered to be a task that fits under the “Full Stack” mantle, but I enjoy playing around with Final Cut, so I was happy to be able to help. The video turned out good and hopefully it’ll encourage some people to donate.

Tonight, I created some new template files for a WordPress theme. The new theme files were needed to incorporate a new category of posts. This task only took minutes to complete, but thought it was worth mentioning.

4 Key Misconceptions about WordPress Development Debunked image/svg+xml

Powering nearly 27.5 percent of the web, WordPress is one of the most popular Content Management Systems (CMS) available. However, not everyone is familiar with the wide-range of functionality it offers. Worse yet, the internet is crawling with ‘alternative facts’ about its features and development that could stop you in your tracks.

Fortunately, these myths and misconceptions don’t hold water. In reality, WordPress is a great fit for all manner of sites, and developing for the platform is a breeze.

A good effort at debunking some common misconceptions about WordPress.

WordPress REST API Vulnerability Exploits Continue image/svg+xml

Over the weekend the attacks increased and WordPress security firms have seen more attempts blocked by their firewalls. Sucuri, the website security firm that reported the vulnerability to WordPress, was tracking the “Hacked by w4l3XzY3” campaign last week and estimated 66,000 defacements. That particular campaign has now passed 260,000 pages indexed by Google. It is one of nearly two dozen defacement campaigns targeting the vulnerability.

Ouch! The WordPress REST API has certainly gotten off to a rocky start. Personally, I love the REST API, but I’m thinking this hasn’t helped convince its detractors that it should remain as part the WordPress core.

Ignorance is Bliss? An Enormous WordPress Zero-Day has Been Secretly Fixed image/svg+xml

WordPress 4.7.2 fixed the issue, but it was a “silent patch”. The fix was hidden within other issues in order to give everyone time to patch their systems.

At the time of 4.7.2’s release details of the flaw were kept secret, as the security community raced to ensure that as many sites were protected as possible as Aaron Campbell explained in a WordPress blog post.

Sounds like a rather nasty flaw, so it’s understandable that a “silent patch” was applied.

UPDATE: More detailed information available here.

Conditionally include additional CSS and JavaScript for page templates in WordPress

I’m currently working on a large’ish WordPress theme that has a number of custom page templates. The custom page templates require their own CSS and JavaScript files, so I’m using the following code to enqueue the additional files. This allows for a file structure like so:

themes/mytheme/page_template_foo.php // custom page template
themes/mytheme/css/page_template_foo.css // additional CSS
themes/mytheme/js/page_template_foo.js // additional JS

The code should be self-explanatory, but see the comments for explanations as to what’s happening.

Notes: this method increases overheads as it tests for the existence of files, if you’ve only got a couple of custom page templates, you’d be better off hardcoding. That said, if you’re using caching it shouldn’t be a big deal. Also, unless you’re using HTTP/2, you’ll probably want to use something like Autoptimize to concatenate the CSS and JS files.

The State of WordPress Security image/svg+xml

WordPress is not as insecure as its reputation would suggest. Rather it is a top target due to its incredible prevalence. Yes, there are a lot of vulnerabilities in the WordPress ecosystem, but most of them are in a small percentage of the plugins. While many plugins do not contain vulnerabilities at all because of their small size, the ones that do have issues, have a lot of them. The more lines of code a plugin has, the more vulnerabilities it has on average.

I would have thought that would be pretty obvious. Still, it’s an interesting read, if only to get a list of plugins you’d probably want to avoid.

Interview with Matt Mullenweg on the new WordPress release cycle and more image/svg+xml

I had the opportunity to interview Matt Mullenweg at the end of WordCamp US 2016, and we chatted about the new WordPress development cycle, the WordPress REST API, and more.

Following on from State of the Word, 2016, it’s good to see Brian and Matt discussing the announcements in a less formal manner. Their discussion around the REST API and defining its success (starts around 11:50) was most interesting, although I found Matt’s answer somewhat woolly. Authentication issues aside, I’m wondering if the slow adoption of the REST API is related to a lack of firm commitment to the feature? Or maybe it’s just too advanced for the majority of WordPress users. Regardless of the reason, it would be good to hear a solid commitment to it.

jQuery.mmenu, app look-alike menus with sliding submenus image/svg+xml

Looking for that true native app look and feel for your mobile menu? Stop searching, you found it!

No matter how large your nested menu structure is, everyone already is familiar with the sliding submenus used in native apps. Adding a fixed header, search field and subitem counters make navigating your menu even easier.

Looks like a solid app menu implementation. Also available as a WordPress plugin.