Developers Open Forum Meetup – June 4, 2014

Due to a last minute presenter cancellation, our June 2014 WordPress Developers meetup ended being an open forum. This led to a lot of great discussion among the 12 developers present and even some hands on code review and a book suggestion.

After introductions, one developer raised an issue he was having with customizing a page to show business listings in differing ways without needing to create separate templates for each version of the search. For instance, one iteration of the search would include featured businesses at the top, another would not, another would show only restaurants, only lodging, etc. The business listings were defined as a custom post type within the system and the developer had created separate page templates to customize the queries.

One way discussed to address the problem was to use a single custom page template or even the archive for the custom post type (archive-business.php) to handle all the queries and to pass different variables though the URL query string such as:

  • http://mysite.com/business/?type=Lodging – to show only Lodging listings
  • http://mysite.com/business/?display=featured – to show featured listings at the top
  • http://mysite.com/business/?display=regular – to not show featured listings at the top (include in natural position in the list)

These different query variables could then be used to adjust the query within the template as follows:

 

You could do the same logic with ordering in ascending or descending order. One thing we neglected in our hands-on coding was the sanitize the input from the user. The sanitize_text_field function (built into WordPress) is mandatory when accepting input from a user. Even though you generate URLs with input you’re expecting, a hacker could easily modify the URL to try and gain access into your system. This function is a good ward against that type of attack. Thanks to Andy Gagnon for catching this oversight.

Another (and more elegant) way to approach this quandry would be to use the pre_get_posts hook which allows you to alter the query *before* it is run. The method above means that the initial query to pull business listings has already occurred and another query is run after you get to the page. We didn’t get a chance to review this during the meetup, but I’ve included a sample of how this would work below.

During conversation of this we ended up talking about customizing RSS feeds (particularly in relation to MailChimp newsletters). I showed an example of a custom RSS feed I created for a client. The initial code to set it up is pretty straightforward. I myself got this code from here.

Then to create the feed itself, you snag one of the feed files out of the wp-includes folder (I grabbed the feed-rss2.php as my file which MailChimp worked great with).

Next we talked about the issue of adding custom CSS code to a site. Andy Gagnon had an issue where a child theme he created for the purpose of customizing the CSS broke the parent theme. Modifying the parent theme took place, but was not an ideal solution as it breaks the upgrade path. Finally he settled on creating a small plugin to add the CSS instead. JetPack also offers a plugin to do this, but Andy is fond of limiting site plugins as much as possible to control the load on the site. This is a viewpoint I also support, although we often rib Andy as being the most anti-plugin member of our meetup. JetPack also had a recent security flaw so it was likely a wise choice. Discussion on files getting smooshed (line breaks lost) when sent via FTP was also a concern. This happened to Andy possibly due to him being a PC user and the client using a Mac to edit the same file.

The Year Without Pants: WordPress.com and the future of work
Recommended for all WordPress geeks!

More discussion about JetPack was had and the question was posed about whether developers were using it on their site. One of features being used by at least 1 developer was the Publicize feature which posts to Facebook and Twitter when new posts are made. I’m curious to check that out myself. I didn’t realize that was even part of JetPack. I’ve used SharePress in the past to accomplish this.

This discussion was the perfect segue for Andy to show us a book he’s currently reading – The Year Without Pants: WordPress.com and the future of work. The book generated quite a lot of interest and not only for the bright red underpants on the cover. The book is written by a former Microsoft employee who went to work at WordPress.com and is about the unique work culture at WordPress.com where most employees are remote and email is barely used.

Security and hacked websites also came up. Dave Buccerio discussed how his company help to check code for issues and much conversation around hacked websites occurred and how best to clean them up. Sites on shared servers were cited as particularly vulnerable since hackers could break into another site and sometimes gain access that way. Moving your site to a new host was discussed as the ultimate fail-safe move if nothing else works, but often fresh installs of WordPress, all plugins, and changed passwords (both WordPress and database) can do the trick. Security plugins such as WordFence were brought up by Gavin Engel and Andy Gagon as well as iThemes Security Pro (formerly Better Wp Security) by Jeff Litcofsky.

At the end, I made a pitch to a project near and dear to my heart, a NH WordPress hub site. My idea is to have a hackathon to work on the site together as it could benefit all members of our group. It could be a place to seek WordPress help or advice, find a job, find a designer/developer, see a calendar of WordPress events, etc. I’ve created a meetup event to gauge interest and once folks sign on we’ll try to find the best day/time for those interested to help out. I’ve got ideas, but it will be a collaborative process and we’ll move it forward together.

It doesn’t seem possible that we could have covered all that in 2 hours, but it just flew by. Thanks to everyone who came for having such great discussions.

What do you think?