$30 off During Our Annual Pro Sale. View details »

Introducing the WordPress Coding Standards /for non-developers/

Introducing the WordPress Coding Standards /for non-developers/

Presented on September 14, 2017 at the Wordpress Fryslân meetup, Drachten, The Netherlands.
https://www.meetup.com/WordPress-Meetup-Fryslan/events/241141009/
---------------------------------------------------------------
Ever heard of the WordPress Coding standards ? Ever wondered why they could be useful to you ?

In contrast to most coding standards, the WordPress Coding Standards are about so much more than just (code) style. It is about best practices, modern code, preventing conflicts with other themes and plugins and can even help safeguard you against some common security vulnerabilities.

No matter whether you are a developer or you can't tell divs from eval's, the WordPress Coding Standards can help you. Let me tell you how...

Links:
* PHP Codesniffer: https://github.com/squizlabs/PHP_CodeSniffer/
* WordPress Coding Standards: https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards
* PHPCompatibility Standard: https://github.com/wimg/PHPCompatibility/
* Example ruleset: https://github.com/jrfnl/QA-WP-Projects (to be added)

Juliette Reinders Folmer

September 14, 2017
Tweet

More Decks by Juliette Reinders Folmer

Other Decks in Programming

Transcript

  1. Introduction to the WordPress Coding Standards for non-developers Jenn Vargas

  2. Hello! Juliette Reinders Folmer @jrf_nl @jrfnl

  3. None
  4. Code Style Documentation Code Smells Code Metrics Best Practices Code

    Compatibility
  5. PHP CodeSniffer by

  6. Phar Composer Git clone PEAR Installation

  7. How It Works rulesets sniffs checks

  8. PHPCS Build-in Standards PEAR PSR1 PSR2 Zend MySource PHPCS Squiz

  9. Userland PHPCS Standards Laravel PHPCompatibility Symfony2 CodeIgniter Drupal Magento WordPress

  10. Reviewing Plugins and Themes with PHP CodeSniffer Nikolay Bachiyski

  11. QA WP Projects PHP Compatibility Standard WordPress Coding Standards PHP

    Codesniffer
  12. Dawn Armfield

  13. Dangerous Code  Use of eval() Squiz.PHP.Eval  Use of

    PCRE /e modifier PHPCompatibility.PHP. PregReplaceEModifier  Use of backtick operator Generic.PHP.BacktickOperator
  14. pelican

  15. Untestable Code  High Code Complexity Generic.Metrics.CyclomaticComplexity  Deep Code

    Nesting Generic.Metrics.NestingLevel
  16. Benjamin Earwicker

  17. Outdated Code  Globals Functions instead of OO Squiz.Functions.GlobalFunction 

    Use of PHP 4 Style code Squiz.Scope.MethodScope Squiz.Scope.MemberVarScope PSR2.Methods.MethodDeclaration Generic.Functions. CallTimePassByReference Generic.PHP.DisallowShortOpenTag
  18. Ashim D'Silva

  19. Messy Code  Use of extract() WordPress.Functions.DontExtract  Assignments in

    Conditions Generic.CodeAnalysis. AssignmentInCondition  Duplicate Classes Generic.Classes.DuplicateClassName  Jumbled Incrementers Generic.CodeAnalysis. JumbledIncrementer  Duplicate Function Arguments Squiz.Functions. FunctionDuplicateArgument
  20. None
  21. Incompatible Code - PHP PHPCompatibility => Needs a testVersion config

     Use of Deprecated Syntaxes  Use of Deprecated or Removed Functions / Classes / Extensions etc  Use of (too) new Syntaxes
  22. Jenn Vargas

  23. Incompatible Code - WP Use of Deprecated:  WP Functions

    WordPress.WP.DeprecatedFunctions  WP Function Parameters WordPress.WP. DeprecatedFunctionParameters  WP Classes WordPress.WP.DeprecatedClasses
  24. Play4smee

  25. Conflicting Code  Overwriting WP Global Variables WordPress.Variables.GlobalVariables  Non-enqueued

    Scripts & Styles WordPress.WP.EnqueuedResources  Non-prefixed code WordPress.NamingConventions. PrefixAllGlobals => needs prefixes property
  26. Lyn Belisle

  27. Insecure Code  Input not Validated  Input not Sanitized

    WordPress.VIP.ValidatedSanitizedInput  Output not Escaped WordPress.XSS.EscapeOutput  Using User Input without Nonce Verification WordPress.CSRF.NonceVerification  Open to SQL Injection WordPress.WP.PreparedSQL
  28. StuartMiles

  29. --ignore-annotations

  30. Explain

  31. Thanks! Any questions ? Slides: https://speakerdeck.com/jrf Code: https://github.com/jrfnl/ qa-wp-projects @jrf_nl

    @jrfnl @jrf