Introducing the WordPress Coding Standards /for non-developers/

Slide 1

Slide 1 text

Introduction to the WordPress Coding Standards for non-developers Jenn Vargas

Slide 2

Slide 2 text

Hello! Juliette Reinders Folmer @jrf_nl @jrfnl

Slide 3

Slide 3 text

No content

Slide 4

Slide 4 text

Code Style Documentation Code Smells Code Metrics Best Practices Code Compatibility

Slide 5

Slide 5 text

PHP CodeSniffer by

Slide 6

Slide 6 text

Phar Composer Git clone PEAR Installation

Slide 7

Slide 7 text

How It Works rulesets sniffs checks

Slide 8

Slide 8 text

PHPCS Build-in Standards PEAR PSR1 PSR2 Zend MySource PHPCS Squiz

Slide 9

Slide 9 text

Userland PHPCS Standards Laravel PHPCompatibility Symfony2 CodeIgniter Drupal Magento WordPress

Slide 10

Slide 10 text

Reviewing Plugins and Themes with PHP CodeSniffer Nikolay Bachiyski

Slide 11

Slide 11 text

QA WP Projects PHP Compatibility Standard WordPress Coding Standards PHP Codesniffer

Slide 12

Slide 12 text

Dawn Armfield

Slide 13

Slide 13 text

Dangerous Code  Use of eval() Squiz.PHP.Eval  Use of PCRE /e modifier PHPCompatibility.PHP. PregReplaceEModifier  Use of backtick operator Generic.PHP.BacktickOperator

Slide 14

Slide 14 text

pelican

Slide 15

Slide 15 text

Untestable Code  High Code Complexity Generic.Metrics.CyclomaticComplexity  Deep Code Nesting Generic.Metrics.NestingLevel

Slide 16

Slide 16 text

Benjamin Earwicker

Slide 17

Slide 17 text

Outdated Code  Globals Functions instead of OO Squiz.Functions.GlobalFunction  Use of PHP 4 Style code Squiz.Scope.MethodScope Squiz.Scope.MemberVarScope PSR2.Methods.MethodDeclaration Generic.Functions. CallTimePassByReference Generic.PHP.DisallowShortOpenTag

Slide 18

Slide 18 text

Ashim D'Silva

Slide 19

Slide 19 text

Messy Code  Use of extract() WordPress.Functions.DontExtract  Assignments in Conditions Generic.CodeAnalysis. AssignmentInCondition  Duplicate Classes Generic.Classes.DuplicateClassName  Jumbled Incrementers Generic.CodeAnalysis. JumbledIncrementer  Duplicate Function Arguments Squiz.Functions. FunctionDuplicateArgument

Slide 20

Slide 20 text

No content

Slide 21

Slide 21 text

Incompatible Code - PHP PHPCompatibility => Needs a testVersion config  Use of Deprecated Syntaxes  Use of Deprecated or Removed Functions / Classes / Extensions etc  Use of (too) new Syntaxes

Slide 22

Slide 22 text

Jenn Vargas

Slide 23

Slide 23 text

Incompatible Code - WP Use of Deprecated:  WP Functions WordPress.WP.DeprecatedFunctions  WP Function Parameters WordPress.WP. DeprecatedFunctionParameters  WP Classes WordPress.WP.DeprecatedClasses

Slide 24

Slide 24 text

Play4smee

Slide 25

Slide 25 text

Conflicting Code  Overwriting WP Global Variables WordPress.Variables.GlobalVariables  Non-enqueued Scripts & Styles WordPress.WP.EnqueuedResources  Non-prefixed code WordPress.NamingConventions. PrefixAllGlobals => needs prefixes property

Slide 26

Slide 26 text

Lyn Belisle

Slide 27

Slide 27 text

Insecure Code  Input not Validated  Input not Sanitized WordPress.VIP.ValidatedSanitizedInput  Output not Escaped WordPress.XSS.EscapeOutput  Using User Input without Nonce Verification WordPress.CSRF.NonceVerification  Open to SQL Injection WordPress.WP.PreparedSQL

Slide 28

Slide 28 text

StuartMiles

Slide 29

Slide 29 text

--ignore-annotations

Slide 30

Slide 30 text

Explain

Slide 31

Slide 31 text

Thanks! Any questions ? Slides: https://speakerdeck.com/jrf Code: https://github.com/jrfnl/ qa-wp-projects @jrf_nl @jrfnl @jrf