Hello WordPressBy Rikesh Ramlochund@rrikesh

What is WordPress?

What is WordPress?• WordPress is a CMS

• Almost 11 years old!

• Open Source – GPL v2 or later

• People mostly use WordPress as a blogging platform

• Powers the wordpress.com blog network

What is WordPress?Usage not limited to blogs

● Corporate websites● Web Apps● Multisite● Forum● Ecommerce

Why WordPress?• Smooth learning curve.

• Elegant admin interface (called the WordPress Dashboard)

• Dashboard has a responsive layout

• Lots of people use it, help is easily available through various communities.

• The WordPress Codex is concise

Why WordPress?• As a developer, lots of job prospects

• As a client, easy to use dashboard

• Backwards compatible

• Upgrades to newer versions run smoothly

• Most used CMS, by far. (source: w3techs)

WordPress on the WWW• Where to look for help?

● WordPress.org Forum● Stack Overflow● WordPress Answers (The WordPress branch of the

Stackexchange network)● /r/wordpress subreddit

WordPress for Bloggers• Wordpress.com v/s self hosted

• Limitations of customisation wordpress.com

• A self hosted blog is easy to set up!

WordPress Installation• Download WordPress

• wget http://wordpress.org/latest.zip

• Create a database

• Rename wp-config-sample.php to wp-config.php

• Add database configurations to wp-config.php

• OPTIONALLY add other configuration settings

• Open your website url in a browser and follow the steps.

Wp-config.php• WordPress configuration file

• Allows us to:

● Define debugging mode● Add salts● Change language● Change table prefix● Define post revisions and autosave frequency● And more!

Security• Never install WordPress which you didn't download from

WordPress.org

• Always update your CMS, plugins and themes regularly

• File Permissions:

● find /path/to/your/wordpress/install/ -type d -exec chmod 755 {} \; (directories)

● find /path/to/your/wordpress/install/ -type f -exec chmod 644 {} \; (files)

Security• Some people add a layer of protection by implementing

BasicAuth on their wp-admin folder

• A second layer of protection can be added where scripts are generally not intended to be accessed by any user. (wp-includes folder)

• Securing wp-config.php to a directory above the WP install

• Disable File Editing

● define('DISALLOW_FILE_EDIT', true);

Security• Backups are handy if something goes wrong

• There are plugins available that check if your installation is secure

• On the Codex: http://codex.wordpress.org/Hardening_WordPress.html

Permalinks• Allows us to define pretty links in WordPress

• Available in Settings → Permalinks

• Uses .htaccess to perform the rewrite

• More SEO friendly links

• From http://localhost/mscc/?p=123 to http://localhost/mscc/sample-post/

WordPress Development• Here’s the fun part.

• WARNING: Don’t modify the WordPress core, plugins and themes since they will get updated

• Modify the default behaviour of WordPress using hooks

• WordPress has two types of hooks:

• Action

• Filter

WordPress Development• About WordPress actions

• An action is a PHP function that is executed at specific points throughout the WordPress Core.

• For example, send a mail to the admin each time a new post is created.

WordPress Development• About WordPress filters

• Filters usually modifies data before displaying.

• Filters are not intended to modify contents of the database.

• For example, if you want to change all words in your post to upper case, you can use a filter to do so before displaying.

WordPress Themes• Themes reside in the wp-content/themes folder

• Commercial themes can be updated, but you’ll lose your changes.

• Use Child Themes if you’re not using a custom built theme (i.e. a theme that will get updated)

• Choose from more than 2,200 free themes - http://wordpress.org/themes/

• Never use pirated versions of paid themes. Piracy is bad (and malware will pwn you!)

• Themes are not only used for templating needs, but can also contain functions to customise the behaviour of WordPress

WordPress Plugins• Plugins also extend WordPress functionalities

• They are located in the wp-content/plugins folder

• Commercial plugins can be updated, don’t modify them, you’ll lose your changes.

• Choose from more than 29,500 free plugins – https://wordpress.org/plugins/

• Never use pirated versions of paid plugins. Piracy is bad (and malware will pwn you!)

Theme or plugin?• Since both can be used to add functionalities, when to use

what?

• Use a plugin if you want to keep your behaviour even after changing themes. Eg. Google Analytics

• Note that theme and plugin functions can also be wrapped in a class!

Plugins development• Same thing as in functions.php

• You can copy/paste functions from functions.php to a plugin and vice versa

• Plugins have three additional hooks:

● activation hook● deactivation hook● uninstall hook● Read more:

http://wordpress.stackexchange.com/q/25910/17305

Theme Structure• The bare minimum a theme can have is an index.php and

a style.css file

• Theme information is stored in the style.css file

• WordPress uses its Template Hierarchy to decide which template to render for a given page

• Pages can have specific templates to choose from

• The last fallback is index.php

Child Theme• Easily extend a parent theme.

• Sometimes you build your theme around a framework, like Genesis, Roots or Underscores. Frameworks get updated too!

• Read more: http://codex.wordpress.org/Child_Themes

• You should make your themes compatible with child themes, if you want to distribute them.

Child Theme• The Template in the style.css refers to the directory name

of the parent

• The child theme can overwrite any file present in the parent theme. Use another file with the same name.

• Child theme's functions.php does not get overwritten.

• It gets loaded together with the parents functions.php

• However, child's theme functions.php gets loaded first! You can overwrite functions defined in the parent's theme if they are encapsulated with function_exists();

Custom Post types and fields• WordPress can be extended to create more post types,

taxonomies and custom fields

• Custom post types and Taxonomies are easily created programmatically

• I recommend using a plugin like Advanced Custom Fields for creating custom fields in your posts

Options API• The Options API allows us to save variables in the

Database – in the options table

• The most used functions available are get_option(), update_option(), and delete_option()

• For example, if you want to save some theme or plugin settings.

• Arrays are automatically serialised before storing

Dashboard menu pages• You can add your own settings pages in the WordPress

dashboard.

• You can use add_menu_page() and add_submenu_page()

• You can also hook on to existing pages, by using add_theme_page(), add_plugins_page(), add_users_page(), add_management_page(), add_options_page(), etc...

Shortcode API• Some kind of filter used in the WYSIWYG

• A [shortcode] is evaluated to some string

• Shortcodes can take parameters. For example

● [gallery id=”123” size=”medium”]● [ads type=”smallbox”]

• Can be used in templates using do_shortcode()

Theme Customizer API• Recently added API

• The WP Customizer API allows theme developers to provide a live theme modification preview.

• For example: change heading colour, site name, site description.

WP_Query• WP_Query is a class that allows you to craft detailed

requests to query your content.

• You may want the four latest posts from a category from a particular author

• WP_Query parameters are passed as an array

• $result = new WP_Query( $args );

• Use wp_reset_postdata() when using multiple loops on a page

Ajax• WordPress has its own way of dealing with ajax.

• Add a parameter called action to your ajax data

• Hook to wp_ajax_nopriv_{action} for users not logged in

• Hook to wp_ajax_{action} for users logged in

• add_action('wp_ajax_ajaxdemo', 'callback');

The End• Questions?

• If you have questions after this presentation:

● Tweet me: @rrikesh● Mail me: contact@rrikesh.com

• Learn more on http://codex.wordpress.org