Quick tip: how to disable embeds for any URL(s). The other day I was adding URLs to a draft post in WordPress. Some of the URLs were for Twitter tweets. Checking a preview of the post on the front end, I was surprised that WordPress had automatically embedded the actual tweet in place of the […]
When I go to WordCamps, I get this question a lot: “Why do you have the PHP Code Widget still in the directory?” There’s a good answer for that, but first let me explain why I made the thing in the first place. If you examine the history of that plugin, you’ll find that it […]
Been a while since I wrote something. Let’s talk about some of the new stuff available in the Customizer. Forget about some of part two First, back in part two, I had a bit about Surfacing the Customizer. That bit is outdated now, WordPress does this for you in later versions. So, yeah, skip that. […]
One of the easier to understand vulnerabilities is the CSRF. It’s also one of the most common issues we see in plugins and themes, because people rarely think about it. Imagine that I have a form that takes input, like so: Now, that’s a simple form (and missing a submit button to boot), but you […]
We get a lot of submissions to the WordPress.org plugin repository, and so there is often a lot of dangerous code submitted. Usually this isn’t malicious, it’s just by people who honestly don’t know that their code has problems. Understanding those problems is the first step to fixing them. So here’s one common vulnerability we […]
One of the new features alongside the auto-update feature in WordPress 3.7 is support for “language packs”. More info about these will be coming out eventually, along with new tools for plugin and theme authors to use to manage this system (or to not have to micro-manage it, rather). A lot of this feature is […]
You know, when some people are asked to do a presentation on a subject, they start by thinking about what they’re going to say, how they’re going to say it, and what their presentation will contain. Me, I just start writing code. I was asked to present at WordCamp Seattle, on the specific subject of […]
I’m not a fan of the color orange. Dunno why. I prefer soothing and relaxing colors, like blues and greens. But the new Twenty Thirteen theme for the next version of WordPress is very, very orange. Since I like to run the default themes over on my other site, this clearly could not stand. So, […]
Everybody seems to be talking about Photon. Nobody really seemed to notice the Infinite Scroll feature added to the latest Jetpack. While it is slightly buggy, it’s pretty neat nevertheless. It’s also pretty easy to add support for in your own themes. I added it to this blog, just to see how. So, here’s how […]
So in my last post about Internationalization, I covered some non-obvious things that you should consider when adding translation capabilities to your code. Today, let’s add to that by covering some non-obvious translation functions. You’re probably not using these, since they don’t get talked about as much. But there’s probably places where you should be […]