Understanding the WordPress Security Plugin Ecosystem

In the last couple of months, several security-related WordPress plugins have been released. Between the sheer number of them and the marketing promises of the plugin authors, it is difficult to find out which plugin is the right fit for your needs.

As Tony Perez of Sucuri writes in Understanding the WordPress Security Plugin Ecosystem:

The biggest challenge the [WordPress Security Ecosystem] faces is product and service confusion. This is compounded by a variety of factors. I often categorize them, generally into two buckets – deliberate and non-deliberate confusion. For me deliberate product confusion comes often by marketeers and those looking to make a quick buck on what they perceive to be the next virtual gold rush. While non-deliberate confusion is introduced by those that mean well, or were once affected, and have come up with a genuine solution that likely addresses a very narrow issue.

The post explains the four different categories of WordPress security plugins, what each of them does and what their limitations are. So if you are confused about security plugins, this post is for you.

A Cleaner Admin Menu with the Menu Humility Plugin

Certain plugin developers, among them unfortunately Automattic and Yoast, insist on putting their plugin pages right at the top of the WordPress admin menu.

As much as I like the plugins that these developers created and continue to maintain (thanks!), I don’t want them right at the top of the admin menu.

This is where Mark Jaquith’s Menu Humility plugin comes in handy. It shoves these plugin pages where they belong: at the bottom of the admin menu.

The plugin is easy to use: install and activate. No additional steps needed!

Four ways you can make blogging for your business work

Just because there’s no silver bullet doesn’t mean that your business should ignore blogging as a strategy.

It’s actually the reverse. Because it takes work, you can assume many other folks won’t do it. And that means blogging can become a competitive advantage for you.

The advice that Chris Lema provides in Four ways you can make blogging for your business work goes beyond businesses and beyond business owners.

A must read for anybody blogging in a professional capacity.

How to add Google fonts to WordPress themes

One of the recurring errors I see during theme code reviews is incorrect inclusion of Google fonts. There are five things that I look for in particular:

  1. Is the font enqueued instead of included directly in the template files or the CSS?
  2. Is the font enqueued on the correct hook?
  3. Is the font URL protocol independent?
  4. Can translators deactivate the font if their language’s character set isn’t supported?
  5. Can the font easily be dequeued by child themes?

In this post we’ll see how we can do it right when it comes to adding Google fonts to themes.

Underused WordPress functions: checked(), selected() and disabled()

If you work with forms in PHP, you often have to write code like this snippet:

<option value="<?php echo esc_attr( $value ) ?>" <?php echo ($value == $other_value) ? 'selected' : '' ?>>

Luckily WordPress provides three functions that help with such tasks:

  • checked() for radio buttons and checkboxes.
  • selected() for options in select elements.
  • disabled() for input elements that can be disabled.

All three functions use the same private helper function (namely __checked_selected_helper()). This means that the way they work and the parameters they take are identical:

  • $value (required): The value that you want to compare.
  • $current (optional): Value to compare to. Defaults to true if not set.
  • $echo (optional): Output or return the generated HTML. Defaults to true if not set.

You either pass in a single value, or two values. If the comparison returns true, the correct HTML will either be outputted or returned, depending on the third parameter.

Let’s have a look at some code examples.

<input type="checkbox" name="x" value="1" <?php checked( $x ); ?> /> Is x true?

In this case if $x contains a value that evaluates to true, checked() outputs checked="checked". If $x evaluates to false, nothing will be outputted and the checkbox won’t be checked.

<select name="fruit">
    <option value="apple" <?php selected( $fruit, 'apple' ); ?>>Apple</option>
    <option value="orange" <?php selected( $fruit, 'orange' ); ?>>Orange</option>
</select>

Here we compare two values to determine whether an option needs to be selected or not. We use a string here as second parameter, but it could be a variable as well.

$x = 1;
$y = 2;
$string = '<input type="radio" name="math" value="1"' . disabled( $x, $y, false ) . ' />';
echo $string;

In this third example, we have passed two variables to the disabled() function and passed false as third parameter. This will return the HTML generated by the function instead of outputting it.

As $x and $y are not equal, the radio button is active. If $x and $y were equal, the button would be disabled.

There you have it! Three functions that save keystrokes and make your code a lot cleaner.
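The comparison behind these three functions, shown as an added stand-alone example (not code from the original post or from WordPress core). The demo_* functions are hypothetical stand-ins so the script runs outside WordPress, with htmlspecialchars() standing in for esc_attr() and esc_html(). Core's helper casts both values to strings and compares them strictly, which the last loop makes visible for the single-argument form.

```php
<?php
// Added example: stand-ins so this runs with plain `php example.php`.
// Inside WordPress, use the core selected()/checked() and esc_attr()/esc_html().

// Same comparison as core's helper: cast both sides to string, compare strictly.
function demo_helper( $value, $current, $type ) {
    return ( (string) $value === (string) $current ) ? " $type='$type'" : '';
}
function demo_selected( $value, $current = true ) {
    return demo_helper( $value, $current, 'selected' );
}
function demo_checked( $value, $current = true ) {
    return demo_helper( $value, $current, 'checked' );
}
// Stand-in for esc_attr()/esc_html(): encode quotes and angle brackets.
function demo_esc( $text ) {
    return htmlspecialchars( (string) $text, ENT_QUOTES, 'UTF-8' );
}

// Render a complete <select>; $choices maps option value => label.
function demo_render_select( $name, array $choices, $current ) {
    $html = '<select name="' . demo_esc( $name ) . '">' . "\n";
    foreach ( $choices as $value => $label ) {
        $html .= sprintf(
            "    <option value=\"%s\"%s>%s</option>\n",
            demo_esc( $value ),                // escape every dynamic attribute
            demo_selected( $current, $value ), // fixed markup, needs no escaping
            demo_esc( $label )
        );
    }
    return $html . "</select>\n";
}

// Constructed sample input: a stored choice plus one hostile-looking option.
$fruit   = 'orange';
$choices = array(
    'apple'  => 'Apple',
    'orange' => 'Orange',
    'a"b'    => 'Quote "test" <b>',
);
echo demo_render_select( 'fruit', $choices, $fruit );

// Single-argument form compares against true, i.e. against the string "1".
foreach ( array( true, 1, '1', 'yes', 'on', 2 ) as $x ) {
    $state = ( '' === demo_checked( $x ) ) ? 'unchecked' : 'checked';
    printf( "%-6s => %s\n", var_export( $x, true ), $state );
}
```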

Don’t Call Yourself A Programmer, And Other Career Advice

While the internet is full of advice on the technical side of making a living by writing code, there is little good advice to be found about how to build your career in the field.

Patrick McKenzie’s Don’t Call Yourself A Programmer, And Other Career Advice is an exception to this.

Whether you are starting out fresh after getting your degree or whether you’ve been around for a few years, the article is full of useful advice for software engineers.

Getting Started With Swift: Tools and Resources

During the WWDC 2014 keynote, Apple introduced a new programming language called Swift.

In comparison to Objective-C, Swift is much closer to modern programming languages such as Ruby. This makes Swift easier to learn for people who have a web development background.

So if you are interested in iOS app development, but have been hesitant to learn Objective-C, now is the ideal moment to dive in.

Here is a list of resources to help you learn this new language.

Required Software

As of right now, Swift is only available to registered Apple developers. To download it, you need to enroll in Apple’s Developer Program. The yearly fee for the iOS Developer Program is $99.

Once you have a valid account, you can download the beta of the Xcode 6 IDE. This software contains all the necessary tools to write and compile Swift programs.

Documentation and Tutorials

Projects and Code Samples

Erik Spiekermann on Unreadable Typography

While the above video is named “Erik Spiekermann on iOS 7”, it goes much further than that.

Erik Spiekermann uses this opportunity to address the lack of readability in contemporary screen design. I consider his remarks to be spot on; I’ve seen the “unreadable carpet of text” all too often.

The video is in German, but you can use the subtitles to get the English translation.