Expanding on this Transom.org article: “WordPress Unplugged”.
When a site has problems, plugins are often the cause, either code flaws, vulnerabilities, or conflicts with other plugins. First thing you do when troubleshooting is deactivate plugs.
Minimally vetted free pugins are in the: WordPress Plugins Directory.
Some plugins are simple functions; you may want to just copy the code, not the whole plugin, into your active Theme’s functions file. An example of a simple plugin: HTML in Category Descriptions.
Code in the active Theme’s functions.php file is also called a “plugin”, but it doesn’t have the Plugin header metadata and cant be deactivated in the Plugins theme: Functions File Explained.
An example from Directory of a feature you might want but wouldn’t want to write/copy yourself: SyntaxHighlighter Evolved.
The right hand column has lots of data with which you can vet the quality/stability of the plugin: Was it recently updated (>2 years no longer in search)? Well-rated, lots of downloads (remember, tho: downbloads != amt of uses)?
Check the plugin Author(s), do you know her/his other plugins?: Profiles – Alex Mills (Viper007Bond).
Has the author recently resolved issues in the plugin’s support forum Support – SyntaxHighlighter Evolved.
In this case, the plugin script is used at WordPress.com — aka, it’s sanctioned/tested: Posting Source Code.
Other plugin repos of some renown: Pippins Plugins | WordPress Plugins – Crowd Favorite.
Install new plugins by searching directory or uploading zip: Codex: Install Plugins
WP dev now uses Plugins as Features, see WP 4 Beta-testing tab: Install Plugins- Beta-Testing.
New Plugin modal in WP 4 has much of the info from the directory: View version details.
Examine plugin code for quality and comments Holly Dolly
- Lazy load script, stylesheets load — esp, front end.
- Prefix functions.
- Classes when appropriate.
- Enqueue, for dependencies, like jQuery — Codex: wp enqueue script.
- Scripts in footer.
- CSS low specificity , no
!important. - Sanitize input.
- If function exists.
- Debug on: errors.
- Deprecated functions.
A plugin uninstall.php script is a plus for cleaning up data when user deletes a plugin –a must for plugin-added db tables): Function Reference/register uninstall hook.
Think thru not only how you’ll use plugin, but how you’ll stop using it: Can you search & replace its shortcodes with HTML? Will your site look right w/o the feature you depended on the plugin for? Do you have plugin-defined functions in your theme (should be w/in if (function_exists)). See recent issues with the popular ACF: “Backward Compatibility: Thoughts on Advanced Custom Fields Pro”.
You will stop using all plugins when troubleshooting — so what happens to your site w/o it.
If you like a plugin: Review, Rate, Donate. Charge your project for plugin money, then spread it around. Nothing like asking for support after a $50 donation.
Plugins are now essential tools for Dev: Developer.
Install plugins at a test site first.
Security come from always updating plugins, themes, and WP: Dashboard Updates Screen — never edit a plugin’s files or WP core, if you do you’ll lose you’re edits upon update.
Deactivate a plugin that you only use occasionally and temporarily (e.g., Pig Latin). Delete all plugins not being used — even when deactivated, any code in your /plugins folder can be a vulnerability.
Which plugin are bottlenecking page loads or hogging memory? Use: P3 (Plugin Performance Profiler).
Or RYO plug, see Make WordPress Documentation: Plugin Developer Handbook
Write you own plugins with above vetting in mind, such as: Plugin Developer Handbook- Enqueuing Properly.
Keep file loading sequence in mind. Must-Use pluginss load first, then Active Plugins, which load before many WP global are set, like User variables. So to use functions like current_user_can(), use a hook that fires after users.php loads: Plugin API/Action Reference.
Drop-ins for maintainance mode or db error are static HTML pages that look like your site and display when site down: Plugins – Pubmedia Test Site | WP Engineer: WordPress Dropins.
Must-Use plugins are always on (made for across Multisites), WordPress Codex: Must Use Plugins
Smashing Magazine ahs “Ten Things Every WordPress Plugin Developer Should Know”.
Leave a Reply