Yes, I know the world seems to be shifting to a front-end-functionality-first mentality and I really need to build my skills there, but I feel like its best to start with the fundamentals. And what better place to start than building a WordPress plugin?
To start, I decided to read up on WordPress coding best-practices.
The PHP standards were pretty simple, though the spacing standard around the array index puzzles me. Why no space around strings, but space around variables is expected? Wouldn’t it be simpler and more consistent to always have spaces around all array indexes, like just about everything else in PHP? Oh well, I’ll try, but I’m sure I’ll forget that one sometime in the near future!
Also, I feel like should have known about Yoda conditions, but I didn’t. I kinda like it. I mean, I get how it protects us from that common typed-only-one-equal-sign mistake, but it is annoying that it is only used for ==, !=, ===, and !== and not greater-than or less-than statements. Yet another exception to the rule to remember…
I also reviewed the Data Validation Codex and it goes without saying that this will prove incredibly helpful going forward, but I am now confused on what the preferred method for a database update is. Here’s what I mean…
In the WP PHP Coding Standards, the Formatting SQL Statements standard describes a properly formatted UPDATE statement as:
$var = "dangerous'"; // raw data that may or may not need to be escaped $id = some_foo_number(); // data we expect to be an integer, but we're not certain $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_title = %s WHERE ID = %d", $var, $id ) );
and then goes on about always running prepare() at the last moment possible. I get that, but the example doesn’t seem to use the preferred method for database updates.
The Data Validation Codex doesn’t even mention query() and describes how insert() and update() will escape everything for me, no prepare() needed.
I write this not to complain (Thank you for your work volunteers!), but to remind myself to find the source of truth when it comes to preferred coding practices. For WordPress database functions, I assume that is the wpdb Codex and according to that document, update() is the way to go.
While looking for the Codex on wpdb, I found the WordPress Database Description page. I definitely need to spend some time getting to know that!
I think my next step will be to read up on Plugin development and find a few coding examples to play with.
I’m not sure how long this will take.
Follow me on Twitter: @amelungc