Development
WordPress Development
Source Control
You must use a source control to any project you develop. There is a team at BitBucket where you can work on.
If you have any questions how to use git, please take a look at http://rogerdudler.github.io/git-guide/ or fell free to contact me.
How to create new themes
If you are using a purchased theme, you must never modify any line of code in theme folder. If you do it, you will lose your code when theme update its core code.
The best thing to do is: child-themes. WordPress gives a feature to “extend” our current using creating a child-theme. You can see all instructions how to create a new child theme here: https://codex.wordpress.org/Child_Themes
How to create new plugins
Such as themes, you must never edit any line of code in plugin folder. Unfortunately, plugins doesn’t have a “child” feature, but you can use filter and actions from WordPress.
See the correct way to change your title format instead edit your WordPress file:
add_filter('protected_title_format', 'blank');
function blank($title) {
return '%s';
}
Editing stylesheet/javascript files
You can “merge” databases in WordPress. For this reason, it’s not recommended to write CSS and Javascript code in your WordPress admin. If you have to create a custom CSS/JS code you must import your file to your child-theme.
Avoiding function name collisions
Name collisions occur when a function has the same name as a function that's already been defined. To avoid this is recommended to prefix your functions. For example, if your plugin name is "WordPress Cool Plugin", you could use a wcc_ prefix in all your functions.
So in the example above our function name will be wcc_get_the_post_terms()
I also recommend you to prefix your CSS, or at least try to make it more unique to avoid modifying other plugins styles.
Prevent direct access to your files
Most hosts allow direct access to files. In your plugin, this means that most probably some PHP errors will arise and those errors are valuable information for attackers.
A very basic code to prevent this, that you can place on top of your script is:
// Exit if accessed directly
if ( ! defined( 'ABSPATH' ) ) exit;