Comments on: Top 10 Most Common Coding Mistakes in WordPress Plugins http://planetozh.com/blog/2009/09/top-10-most-common-coding-mistakes-in-wordpress-plugins/?source=rss A bit of my personal life, mainly focused on my kids. A bit of code, mainly focused on Wordpress and PHP. Overall, bits of nothing in particular. Wed, 23 May 2012 13:43:53 +0000 hourly 1 http://wordpress.org/?v=3.3.2 By: Ryan http://planetozh.com/blog/2009/09/top-10-most-common-coding-mistakes-in-wordpress-plugins/comment-page-2/#comment-198044 Ryan Tue, 08 May 2012 11:00:41 +0000 http://planetozh.com/blog/?p=1321#comment-198044 @Ray Apologies i got the names mixed up. But you have a good point. My previous comment was directed @tdwtf. But still if no one is going to make an effort ill contact the author and ask him to remove the comment with his file paths. Our company got hacked a few months ago because of a developer leaving vulnerabilities open like listing the file directories. Not a nice feeling if you need to rewrite every single index.php file on our web server @Ray Apologies i got the names mixed up. But you have a good point. My previous comment was directed @tdwtf.

But still if no one is going to make an effort ill contact the author and ask him to remove the comment with his file paths. Our company got hacked a few months ago because of a developer leaving vulnerabilities open like listing the file directories. Not a nice feeling if you need to rewrite every single index.php file on our web server

]]> By: ray http://planetozh.com/blog/2009/09/top-10-most-common-coding-mistakes-in-wordpress-plugins/comment-page-2/#comment-198043 ray Tue, 08 May 2012 10:20:37 +0000 http://planetozh.com/blog/?p=1321#comment-198043 you're right, my choice of words could have been better but the point is still valid. Now that clearly visible error is also clearly visible in the inbox of everybody that subscribes to this post. Just sayin, you don't post somebodys filepaths on a public list. you’re right, my choice of words could have been better but the point is still valid. Now that clearly visible error is also clearly visible in the inbox of everybody that subscribes to this post. Just sayin, you don’t post somebodys filepaths on a public list.

]]> By: Ryan http://planetozh.com/blog/2009/09/top-10-most-common-coding-mistakes-in-wordpress-plugins/comment-page-2/#comment-198042 Ryan Tue, 08 May 2012 08:41:55 +0000 http://planetozh.com/blog/?p=1321#comment-198042 He pointed out an error that everybody could see. Although contacting him privately would' ve been a decent way to go about it but I see nothing wrong with pointing it out. Who knows maybe there was something wrong with his production server and it wasn't the same as his development server. Maybe he just needed to debug something quick. @Ray you cannot tell us that you never debugged on a live server before because of some strange reason that you had no choice to. If you haven't then you are not a proper programmer and just some dude that learned html and php basics He pointed out an error that everybody could see. Although contacting him privately would’ ve been a decent way to go about it but I see nothing wrong with pointing it out. Who knows maybe there was something wrong with his production server and it wasn’t the same as his development server. Maybe he just needed to debug something quick.

@Ray you cannot tell us that you never debugged on a live server before because of some strange reason that you had no choice to. If you haven’t then you are not a proper programmer and just some dude that learned html and php basics

]]> By: PJH http://planetozh.com/blog/2009/09/top-10-most-common-coding-mistakes-in-wordpress-plugins/comment-page-2/#comment-198041 PJH Tue, 08 May 2012 08:31:36 +0000 http://planetozh.com/blog/?p=1321#comment-198041 Ray, how does pointing out a clearly visible PHP error make someone (like) a 'disgruntled hacker?' Looks more like it hit a nerve and you're peeved. Well at least you made it to TDWTF message boards. Ray, how does pointing out a clearly visible PHP error make someone (like) a ‘disgruntled hacker?’

Looks more like it hit a nerve and you’re peeved.

Well at least you made it to TDWTF message boards.

]]> By: ray http://planetozh.com/blog/2009/09/top-10-most-common-coding-mistakes-in-wordpress-plugins/comment-page-2/#comment-198040 ray Mon, 07 May 2012 21:49:57 +0000 http://planetozh.com/blog/?p=1321#comment-198040 @tdwtf update to mistake 11 finding an error and posting it publicly instead of contacting the author privately... doesn't make you look like some really incredible coder. it makes you look like a disgruntled hacker who tried to hack his site and failed and now you're mad... just sayin... think before you post Ray @tdwtf
update to mistake 11
finding an error and posting it publicly instead of contacting the author privately…
doesn’t make you look like some really incredible coder.
it makes you look like a disgruntled hacker who tried to hack his site and failed and now you’re mad…
just sayin… think before you post
Ray

]]> By: tdwtf http://planetozh.com/blog/2009/09/top-10-most-common-coding-mistakes-in-wordpress-plugins/comment-page-2/#comment-198039 tdwtf Mon, 07 May 2012 20:39:01 +0000 http://planetozh.com/blog/?p=1321#comment-198039 mistake 11) displaying errors to users on a production site. From your own site: <i>Warning: require_once(/home/ozh/lib/simplepie/simplepie.inc) [function.require-once]: failed to open stream: Permission denied in /home/planetozh/planetozh.com/blog/wp-content/themes/planetozh/functions-feed.php on line 56 Fatal error: require_once() [function.require]: Failed opening required '/home/ozh/lib/simplepie/simplepie.inc' (include_path='.:/usr/local/lib/php:/usr/local/php5/lib/pear:/home/planetozh/planetozh.com/blog/wp-content/themes/planetozh') in /home/planetozh/planetozh.com/blog/wp-content/themes/planetozh/functions-feed.php on line 56</i> mistake 11) displaying errors to users on a production site. From your own site:

Warning: require_once(/home/ozh/lib/simplepie/simplepie.inc) [function.require-once]: failed to open stream: Permission denied in /home/planetozh/planetozh.com/blog/wp-content/themes/planetozh/functions-feed.php on line 56

Fatal error: require_once() [function.require]: Failed opening required ‘/home/ozh/lib/simplepie/simplepie.inc’ (include_path=’.:/usr/local/lib/php:/usr/local/php5/lib/pear:/home/planetozh/planetozh.com/blog/wp-content/themes/planetozh’) in /home/planetozh/planetozh.com/blog/wp-content/themes/planetozh/functions-feed.php on line 56

]]> By: Amna http://planetozh.com/blog/2009/09/top-10-most-common-coding-mistakes-in-wordpress-plugins/comment-page-2/#comment-197780 Amna Wed, 22 Feb 2012 08:22:30 +0000 http://planetozh.com/blog/?p=1321#comment-197780 Wonderful List, it will be a great help while writing plugins. Wonderful List, it will be a great help while writing plugins.

]]> By: ray http://planetozh.com/blog/2009/09/top-10-most-common-coding-mistakes-in-wordpress-plugins/comment-page-2/#comment-197713 ray Tue, 31 Jan 2012 00:01:03 +0000 http://planetozh.com/blog/?p=1321#comment-197713 thanks Ozh, Don't always think of all these things when coding so it's great to get a reminder... thanks Ozh,
Don’t always think of all these things when coding so it’s great to get a reminder…

]]> By: Ozh http://planetozh.com/blog/2009/09/top-10-most-common-coding-mistakes-in-wordpress-plugins/comment-page-2/#comment-197492 Ozh Wed, 04 Jan 2012 13:20:03 +0000 http://planetozh.com/blog/?p=1321#comment-197492 abdussamad » Otto is saying exactly the same as me. Store 10 options in one array instead of saving one in 10 different entries. Regarding serializing, it's just how WP stores arrays. Number 7 is still valid. You need to either implement nonces or, preferably, use the API settings, but anyway not use raw forms with no checks. abdussamad » Otto is saying exactly the same as me. Store 10 options in one array instead of saving one in 10 different entries. Regarding serializing, it’s just how WP stores arrays.

Number 7 is still valid. You need to either implement nonces or, preferably, use the API settings, but anyway not use raw forms with no checks.

]]> By: abdussamad http://planetozh.com/blog/2009/09/top-10-most-common-coding-mistakes-in-wordpress-plugins/comment-page-2/#comment-197491 abdussamad Wed, 04 Jan 2012 08:14:33 +0000 http://planetozh.com/blog/?p=1321#comment-197491 Regarding 3: According to core developer otto its better to store options as an array. The reason he gives is that it saves on queries to the database: http://lists.automattic.com/pipermail/wp-testers/2009-January/011116.html But here you've shown the exact opposite. Wordpress simply loads all autoload options with one DB query! So why store data as in serialized form? The memory usage is the same and it still takes just one query. Frankly I think its better to store options in separate rows. Easier to code as well. Regarding number 7: It's now redundant with the new settings api. It does all the checking for you. Regarding 3: According to core developer otto its better to store options as an array. The reason he gives is that it saves on queries to the database:

http://lists.automattic.com/pipermail/wp-testers/2009-January/011116.html

But here you’ve shown the exact opposite. WordPress simply loads all autoload options with one DB query! So why store data as in serialized form? The memory usage is the same and it still takes just one query. Frankly I think its better to store options in separate rows. Easier to code as well.

Regarding number 7: It’s now redundant with the new settings api. It does all the checking for you.

]]>