Create your own WordPress plugin, from scratch or already knowing some

[MUSIC] I have the great pleasure to introduce you to Francisco Torres, David Perez and Paco Marchante. Francisco Torres has been participating in the community for almost two years now, he contributes to the WordPress plugin review team. He works as a developer. He is Andalusian from Granada. Exactly. He likes cycling, swimming, toast with tomato and olive oil. Although, well, the jets are nothing more. We also have David Perez, who also participates in the plugin review team since 2023. He also has a marketing and development agency based on WordPress. I love clean code, good practices and when it snows, he runs up to Sierra Nevada to practice cross-country skiing. In addition, he also organizes a solidarity race in Granada, in memory of his father. And well, we also have Paco Marchante, who is a senior full stack developer with more than 8 years of experience in CMS. WordPress, Prestasov and other similar platforms. He is also part of the WordPress.org plugin review team. He has been an organizer of the official WordPress meetups since 2018 in Cadiz and Chiclana. And also organized events like the Chiclana Workup since 2020. Workup Spain, also since 2020, among others. And well, he has also been a speaker at different events. So, well, I stop winding up now and I leave them in good hands. A round of applause, please. [APPLAUSE] Well, and why so many people here? Well, today what we are going to show in these two hours, I am sorry, it is two hours, it is a little bit long. But well, let’s hope it all works out and so on. We are going to show you how to create a plugin. And we are going to start directly, because we are not going to waste time, the sooner we have it done, the better. So, the first step, because in three steps you can make a plugin. So let’s show it like this. Let’s see where it is, it is that every spoiler is not mine, where they are navigated. Look, here we go into GPT chat, step one. Okay? Okay, and step 2. Right, step 2 good using state of the art technology, okay? Like it’s Artificial Intelligence, okay? We just need to write a simple text. What do you want to do? A plugin, I wanted to make a plugin. Oh, okay, I didn’t say it was, huh? Create me a plugin, okay? What do you want the plugin to be about? What do you want it to be about? I don’t know. Hey, a plugin. Yeah, yeah, yeah, yeah. Put the metatytels on? I don’t know what. Keyboards, there’s boards. Meta keyboard. Keyboard. Word. Fuck, what words. In the entries, right? Myself. In the input, of course. It’s optimistic, especially the keywords, huh? It’s that if you don’t, if you don’t put them. And you have to tell him that it is in WordPress. Have I heard that it is not used? No. I don’t know. Yeah, yeah. But beyond that, the title. Yes, yes. Did you say the title? Sure. Right. Which is also the title. It’s the title. Yes? Okay, well, now… Come on, I’m going to give it a law. Come on. You’ll pass, won’t you? No, yes. Now come on, third step. To the third step. In the end, it’s the most important step, right? Yes, yes. You’ve left me to do it. Yes, yes. And that’s it? Well, he’s not writing anymore. There it is. You’re generating it. Looks good, doesn’t it? It’s looking good. Well, there it is. You got me in here anyway? There you go. That’s the plugin code. So, the plugin is already done. So, well, thank you very much for everything. Thank you, Pedro. [APPLAUSE] There’s an acolent audience. Greetings. Greetings. Yeah, yeah. Hey, it went well, didn’t it? We’re done. That’s it. Now for the next talk, huh? Listen, Paco, I think… Yes, yes, yes, yes. No, you have to get my laptop. Sacra, I’m already late. No, let’s see, David, I’ll go, I’ll pick it up. What are you doing here? I’ve already finished it, already. We’re tired. We have to go. Are you still here? We’re here too. But, do you want more things? But, are you in? I don’t understand. And if we’ve already taught you how to make a plugin, what else? Sure. A PRO? How do you think that program in 2025? That’s what I say. But you? Why did you come here? What? What? Why is it here? I mean, what do you expect us to do? Apart from this, I don’t know. Publish it? Ah, publish it, well, well, look, it might be useful. David, tell this GPT what publish the plugin? What else do they ask a little thing? Let’s tell them to publish it. Well, and that’s it. The thing is, we haven’t prepared anything else. No, well, I don’t know, tell him… No, I’m telling him to publish it at www.warpers.org. Okay, okay, okay, okay. Look, there it is, send plugin for supervision, in the plugin upload page, so don’t give me the plugin. That’s it, that’s done, that’s done, because it’s done everything. And once submitted, it usually takes about 2 to 7 days to test it good. Well, not always, not always. Well, not always, not always. But well… It’s faster. Yes, yes, it’s true. But well, that’s it, yes, well, that’s it. If these people want more things, we can have more things. So, to me, well, that’s it. Let’s sit here, let’s do something. It gets simpler. Simpler than that. Okay. After this performa. Welcome, gentlemen, gentlemen and gentlemen and gentlemen to this excellent workshop to create a plugin. Which is going to be all tailored to you, because we’re really going to see what each person knows, what needs you have. And there are three of us. That’s why we are three, because we can divide people who have less programming knowledge, people who have more and adapt to each case. And well, let’s start by introducing ourselves a little bit, apart from what our colleague has already mentioned. Well, I myself am speaking, because I am Francisco Torres. Yes, I really think that the three of us introduce ourselves at the same time a little bit, because the three of us are in the volpes.org plugins team. We are among the people who review the plugins that are uploaded to the studio day. And we wanted to do this workshop. In all things, because we did it in Seville and it went well. It went a lot. And especially to teach people how to make a plugin and that plugin can then be part of the repository or the WordPress directory. In the directory there are about 60,000 plugins. But as we discussed yesterday, so 60,000 one, well that’s fine. At the end of the day, I consider contributing a plugin to the community as a way of contributing to WordPress. So, well, it’s something you could do. Sure, let’s see, I think we should also start a little bit lowering the level to see if someone doesn’t know that it’s a plugin that can happen. It doesn’t ask a couple of little questions, does it? Sure, the typical little questions. Hey, someone has never, ever programmed any plugin for WordPress, he raised his hand. And someone has a plugin uploaded in the repository? Oh, not bad! But the rest have to publish the plugin. And the rest there are programs plugins, from what I’m understanding, right? And yes, yes, yes, yes, yes! Or he devotes to WordPress actively with code or other matter. Okay. Here, above all, as Frank and David commented, we’re going to see a whole review from plugin creation, from the basics to the more advanced points. Since there are 3 of us, we can split up and we can do more active teaching, not just here watching the screen. And well, how many of you also have importate? You pass here the session and so on. Yes, there is importate? Yes, because really the idea is that it’s a bit of a workshop, that you have that laptop that you do, I know you have little space available to put the laptop, but well, you can put it between your legs, then it warms up your cheeks. No, no, you have a table. Yeah, but the table is… No, no, no, no, but the second one is so good. Ah, the table, eh. Well, what you say you give me if you want to move to the second. Normally I do not know, he says, all the talks, but if there are improvements tables, feel free to pass. Of course, especially also understand the issue of… Well, what is a plugin, of course? Here’s the textual definition of what a plugin is. Sure, this is the textual definition of what a plugin is. A plugin is something that makes you different or adds to Word. The most popular is the Online Store, which creates an Online Store with a plugin and from there you can have payment methods, shipping methods, with separate plugin. In the end it adds functionality, in fact what David comments in the directory when we review plugins we are getting on the order of 30, 40 a day was. 35 a day. Yeah, yeah, so we figured, uh, 25 a day. For example, a lot of them are coming in from payment gateways to integrate with Bookomers, and well, they’re coming in of many types actually, right? But the thing is, look, if there are things, integrations and people who think different things, or different integrations with different things, by the end everything is integrated with everything, for 35 new ideas of plugins every day. It is true that sometimes the idea is repeated, but… Some people are not original. Hey, but what is this plugin review team? What is the plugin review team? What is the plugin review team? What is the plugin review team? What does the plugin review team do? Who doesn’t know? Or who does? Sure, it’s easy, but why? Why say “plugin review”. It’s good. Why is it appreciated? Because you could upload the plugin, and well, we have uploaded it, and it downloads a lot of user. Why are there people behind, and manually, reviewing the code? In the end it’s a little bit… so that there is some control in what is published, and above all there are three things that are key. Security, compatibility and compliance with the rules of the directory. There are certain rules that in the end I just made, that it is free software and that it does not do anything wrong, and then it is super important that it is secure. That we know that that plugin, if it’s installed on a WordPress site, that the site is not going to be hacked in three seconds. So, that’s why these reviews are made, and that also later, when it is already published. The basis of the plugins, well, there is a giant handbook, which I encourage you to know, because you learn a lot of development. And inside here there is a section, which is the one that makes a little… a reference to it, the directive or guidelines, to be able to publish your plugin. We are going to see a little bit… Strictly. That is the norm that has to fulfill any plugin, which is that there is to publish it inside the repository, to be hacked. Those are the basic rules that it has to fulfill, apart from the fact that it must be well programmed. Or worse, well, that it complies with a minimum of security, and others that, well, for that there is also our team, which reviews one by one all the plugins that are uploaded, they try to publish, they make the request for publication, within the repository, and all this is reviewed one by one by a volunteer, okay? Then we will also go over what are the most basic errors, the most basic errors, the ones that repeat are the most common, but with this I say one thing, don’t scratch. I think that all of us, we all made these mistakes every day, until we joined the team, where you learn. I think that the biggest learning exponential was also when we entered, so do not worry if you make these mistakes, because they are mistakes that everyone makes every day, right? Well, in little by little they will be mounting matter, but basically the biggest security guidelines is when in our functions we receive information or we get information that goes through a sanitized or an escaped process, okay? That’s, let’s say, the two most important so that, let’s say, we don’t receive malicious code and execute it and well, and by making record we execute it, then we are serving the users malicious code that we are creating. For all of this, okay? We were going to show WordPress Playground first, because everybody has a development environment, and we’re also going to show a little bit of Playground, which is a tool that’s going to be very useful, not only for development, but also when you’re making presentations to clients or doing any kind of testing, of code, of any plugin or code that you don’t want to put directly into your computer, okay? There’s a Playground talk at 12:30, so there’s no reason for you to go from here. No, it’s just that you’ve got to take care of it, so I’ll just… where do you put it? Find it. Already weonchado a first one. They’re going to get mad at playground. Why? Why are you doing this to us? Let’s see, I don’t know… Well, as long as you don’t know what playground is… how do we explain it? It’s magic. This whole story of… when you say to yourself, we’re going to set up a WordPress website. And we start with the MySQL reorrollo, the IPHP, I don’t know what… poof, how tiring that is! Well playground is a WordPress that runs in your browser. And you go like this, wham! and a WordPress appears and says where does the WordPress appear? And WordPress has it on your computer, they’ve put it on your computer, they’ve injected it into WordPress and it runs from your computer. And by doing a little process you can have the files from that WordPress saved in a folder on your computer. So whatever you change, that’s where it’s applied in WordPress. It’s true that it has some small limitations, with some things, there are some things that don’t work, but most of it does. Okay, this is what you see on the screen right now would already be WordPress Playground, okay? To find out is very, very, very, very simple, all we have to do is search. WordPress Playground in Google and it’s going to come up first or second, okay? It’s super simple, anyway the URL is playground.wordpress.net, not .rg, okay? .net, because .net is the community test bag, okay? Here where in .net there’s a lot of projects that are being developed, that are being tested. And right now that’s also where WordPress Playground is hosted. Also Playground you can see it when you see a plugin in the plugin manager, which is the Live Preview. What that does is it mounts a Playground with the plugin that you’re viewing. This is also very useful to test plugins without having to… Because many plugins create tables or create modify database, right when you activate it. So, it can be very interesting to test it and not mess up your website, to use Playground for that. Okay, with Playground as you’re seeing, now they already had, let’s say, a fully functional WordPress installation. I mean, this is already running directly in browser, okay? I don’t have anything downloaded, I don’t have anything. It doesn’t activate any Apache server or MySQL, right? I don’t activate anything. That is to say, if I believed or I show it, but here… Look… I don’t have… How was it here? In Forzad… Forzad… Forzad Exit, so that you see that I am not cheating, eh? I don’t have anything here. The Spotify and the OnePower to remind me the password and little else. Okay, this is directly in the browser, right? What’s it called… with WebAssembly, right? WebSuppers, right? WebAssembly… The technology is behind webSuppers. Right, and well, this directly is a technology that allows us to run code directly in browsers. In this case it’s already being developed with PHP and SQLite, right? That’s why the whole WordPress project that was being done with SQLite was mainly to be able to implement Playground, okay? Here we will have a fully functional installation, okay? I’m going to give you a few quick tips, because this is the first thing that’s going to break you a little bit, give you an error, okay? Which is that when we want to install a plugin, apart from the Odoli that always comes, ok? It is going to give you this error, okay? It is saying that we have no connection outside, that is, we have no Internet connection, I am going to zoom in a little bit so that you can see it anyway. We are getting a bit boring, okay? But well, if you look at it, okay? If we read it, just like computer science, computer science is 90% of what it says on the screen, right? Which is that… Follow the instructions. The problem is that we get smart and we want to read. This right now we wouldn’t have Internet connection and it’s super simple to fix. Or we put this in the JSON, okay? Which I’ll explain now. Or we go here, okay? Where to use it. I’ll say it again in case you missed it on this little button right here. It passed the Playground action that’s loading at the moment. Okay? By the way, that you have us important and you can follow the process because this is going… I mean, you can use this now to develop the plan. Sure, I could even do it on my cell phone. I mean, the Warp Playground is going to open in the browser, but in any browser, right? And here’s the cool thing that I went through testing and passed presentations to clients and so on, it’s super useful, mostly because we can configure Warp the way we want. Okay? How do I activate that? You hear, here I have the option to allow network connection and now the only thing I would have to apply and reset Playground. Playground is deleting itself to load, it’s regenerating that WordPress for me, okay? It’s regenerating the whole thing, I mean, it’s generating another installation with these options. So, when I go here to plugin the theme, I will be able to find it, okay? I’m adding new and I already have an Internet connection, okay? And we could install any type of plugin, that is, we can install whatever you want, ok? Paco, but when I close the browser, this will be lost! Sure. But what no? I have no use for it. It’s no use to me. Well, I do. I don’t want it. It’s not as if I had invented it (laughs) Of course, let’s give a little demonstration, well, the Aqinme, isn’t it? That is, the Clasy Editor that you want, we can install any plugin. Look, I activate this one, right? Here it is. So, if I reload, I load the instance. Okay? It’s the browser memory. I mean, I think it was when I reloaded. See? I was loading. I mean, it’s a whole new WordPress, okay? Keep that in mind. When you reload, it’s a brand new WordPress. I mean, it regenerated, there’s a brand new installation and it’s put everything together. I wish there was a way to avoid that. Well, there is. How? Yes. With WordPress Playground and its memory you can have your WordPress saved here as many times as you want. Oh, that’s very nice, Paco! Yes! All right! It’s super easy to save it, okay? We give it the three dots, okay? And we can download it, okay? Ah, we can even save it. But now I don’t have the option because I don’t have anything yet. So, that’s why I have first… Ah, well, yes, it’s there. I just never see it. It has changed. The interface has changed a lot. Of course it has. It’s changing. You’ve seen it before me. Okay, because before it was in the three dots, right? But here, when you make any change, any change, it’s going to come out here from… This is a… It warns you that it’s a temporary instance of Playground. It’s him again, isn’t it? That’s what it tells us. Of course, of course. It’s that… What happened to me? I went to the crime and I didn’t read what it said, right? So, if we go here, he’s already saying that, hey, if you want to save it, press the button. And we can save it. Or in the browser, okay? Or in our local. If we save it in our local, the powerful thing about this is that it’s going to create the entire WordPress installation, in other words, the entire folder structure and what we can do with all the directories, because we open it in Visual Studio Code and we can start developing as if it were a development environment. But the powerful thing is that we’re not going to have or apalles where we need a local server. Very nice. And you go down, because when we are not in a general portal of ours, it allows us there we are doing, for example, save the files to the local folder. It is super useful to make workshops for creating plugins. Yes, there it is. Hey, look, if there is a plugin creation workshop. Okay, and here I’m going to try to call some more options, okay? Like I’m going to delete this whole instance and stuff. And well, here we can do whatever we want. The good thing about Playground, that all this is generated with some JSON that is called Blueprints, as they have called it, and we can give it to him to see it. And here we have the code for all this, this WordPress instance. Here we can put plugin installation, theme installation, and we can prepare a full instance with our, with the WordPress that we want. The plugin that you normally use? Yeah, sure, sure. If you have your Blueprints saved, you paste it in and it automatically logs in with the plugins that you want. This is also very useful for testing. Okay, the new unit tests that are done in the plugins are used underneath or Playground. So it’s easier because the plugins are always used with WordPress clean so it doesn’t conflict with other plugins. Of course, and the good thing that this, that you do not only have to limit to what is the subject of repository plugins and what not, that you can put any plugin that is on a public URL. That is, your daughters, anything you can put it. So, imagine you have the whole instance of a client and if you want to make a demo you can do it perfectly with this. In the company where I work we have an automated system where we are with Playground, making demos to customers with practically their website because you can also put content automation, page automation, creation automation. So, the moment you launch Blueprint, it creates a complete instance of WordPress with all the content and all the things you want. In fact, Blueprint is also used a lot for when you’re going to publish a plugin in the plugin manager. That LivePerview, well, there was a time when it was enabled by default, but not anymore now you have to enable it yourself. You have to leave a file in the Asset folder. And, for example, if it is now a plugin that needs Google Comer, well let’s say you use an element or any other plugin, use the steps to let you the installation to the user as you wanted to like. Let’s see if you have any questions and asking. Look, we have a doubt. Wait, wait, the micro. Yes, yes, so that you have recorded. Of course, so that it is recorded. Yes, yes, so that it can be recorded later. No, I wanted to ask you if there is, for example, the option of exporting an installation that we have already made with plugins and with themes of the client to a file like this to reuse it. Look, it is a good idea for a plugin. It makes a plugin. Sure. Look, so… Sure, more than anything, if you want to start from something that’s already done and you want to test that, an update on the client’s website. Also in the Blueprint you can put exact URL, that Wordp downloads them at that moment and you can make plugin extend or any other type. So you can’t download something that is already… A Wordp is complete. No, yeah, I understand that you’re going to be able to do it by hand. Okay. I mean, kind of like if you’re at Playground with your locale manager and then you put the files in there and then you import the database, well I understand that you can get to do it. Okay. But I don’t know if… Surely there might be a plugin that you have to do that. For example, some backup plugin that allows you to import to the Playground. Let’s see, Automatic Studio, which is the software that they have taken out of local for… It’s really based on a Playground and it allows you to have Wordp installations in local and you can install the database, the plugins and everything. So it’s kind of packaged so you can use it. Okay. Of course, the easy way is also to set up the whole instance here and port them. Because once we’re installing plugins, which is what you’re doing, now I can download this, export it to GitHub directly or see the blueprint of what I’ve created. Okay. These here we can’t do everything. Okay. It happens, you have to keep saving the instance so that the blueprint is generated, otherwise it’s not generated. Likewise here, if you look, we have all the JSON that is being assembled. There are also a lot of examples here. If you go here on GitHub they had it bite. Or you go here and here’s a bunch of demos already put together by the Playground team. To use blueprint. This I’m telling you, this used and automated to tune a JSON string. You can set up with a little bit of code, you can set up here automators of… In fact the JSON has steps. You have as steps, steps or steps, you can even say that, for example, you want that directly when that plugin is installed, it goes to the configuration setting page, you can specify where you want it to go. And you can also launch PHP code, that is, it has a PHP run command and you can issue code. So, it’s very useful for making demos. Okay, okay. It’s another one that Playground does, for example, it’s quite interesting. That’s pretty cool. Well, thank you very much. So Paco, so you have Playground which is like a specific local environment, but since I make a plugin, where do I find the WordPress files? So… Okay, so let’s see, what we could do is we could download this Playground, but we’re going to download it locally. We already have it in the browser, okay? But you’re uploading a zip all the time and stuff, it’s kind of tedious and stuff. So what we do is we download it to what’s a — a local director. There it is. Yeah, but you’ve got it already slanted with a directory, right? Yeah, let’s see, right? Ah, sure, but of course, this directory we have saved it directly in the browser. In browser, right? There it is. Okay, okay, okay. That’s not in that. And instead of doing what we have done before, of saving it in the browser, we are going to save it in a local directory. And here… You can see with the folders… We’re going to turn off the whole file. Uuuuh… No, the folder don’t touch it. What? The cover don’t touch it. Let him be the most dangerous one. Uuuuh… No, no, I don’t think I have anything. Well, don’t push your luck. And let’s make a new folder, shall we? Warp Pre. There it is. Okay, we selected. What’s wrong with you? I’m gonna ask you for a picture. Oh, yeah. And you’re already creating the whole Warp Pre folder structure for me, right? It needs playground to get up and running. This may take more or less time. But it is not what it is, it is true that the Windows, as the direct, as the Windows file manager works, goes a little slower, than Linux or Mac, it is true that what we saw in previous workshops may take a little longer. But don’t worry, it will create itself, ok? Anyway, he has already told me that he has it. Here is Solito Warp Pre. And if you look… Can I give you more zoom? No. Let’s see… I’ll be strong, won’t I? No, not unless. Of course I’m not lying. We already have a Warp Pre set up here, okay? And this Warp Pre is directly connected to the playground from before. So, right now I already have a development environment. So, that’s how to say… No, it’s just a minute. We are going to take more time to explain it Paco, but that I explain it to you… But because we are making a lot of things up, no, that’s why. No, that’s why. Let’s see, now in Visual Studio… Visual Studio, or is it that you use, ok? Shit, that’s how Visual Studio is updating me. It’s a good offer. We trust it. Let’s see, I’m going to zoom in. The go is confident for life. So, we already have here a Warp Pre with its admin, its content… No, with all. No, no, it’s all here. It’s a marvel. Yes, yes, yes, yes. Now you see better! You know a little bit how the Warp Pre files are structured, well, we explain it for those who don’t know it, for those who don’t know it so well. I tell you, about this, okay? Hey, don’t be shy to ask, because this is the time for questions. No, no, no. Not when we go out. Now, when we go out, I won’t answer a single question about Warp Pre, nor about… Neither about plugins, nor about plugins. We close the track when we get out. There it is, okay? But that… Hey, take advantage of what is the moment, because there is a “tormo” because we also tell you because I take all this also in the position of being listening and gives cut of questions, but here we are to give you sarseo, okay? Yes, yes. This workshop, as I mentioned before, we did it in Seville. And there was a lot of interaction, among other things because we were fewer people. We were about 15 people, so it was closer and so on. Here, as it is such a stage and so… For the best, it is a little bit difficult, but… The truth is that this is done for us, more than for us. In fact, for us we come to possibly do it ourselves. Of course, surely you know more than us, do not think that now… Oops, that you know so much and… Oops, that you know a lot. Here we know each one of us. Yes, yes. There’s a little question over there. What’s the difference between Warp Press Pride Run and Local Situ? When you put in a Warp Press Local. Yes, the Local refers you to that Local from what used to be Flywheel, right? Which is a software that is called Local to have a local installer. Local WP. That’s it, that’s it. Well, the difference, if I’m not mistaken, because I haven’t used it in Local. Yes. Local is a Dock. Right. Local, in the end, uses Docker technology on the back end, right? And in the end, what it’s mounting is a complete instance, it’s mounting you. An entire INU server, okay? A… I mean, a… I mean, it’s… I mean, it’s mounting an Ubuntu… I’m imagining it, okay? He’s setting up an entire Ubuntu in the back. He’s setting up the whole… A whole apache server. Mhsql. Right, Mhsql. That’s all there. And then it starts working over the Warp Press. Not here. With WebAssembly, what it allows is to be able to execute the code directly in the browser, which is a fantastic technology. So, that’s wonderful. And the Playground team has managed to adapt PHP for Playground, which I think is the team that is maintaining the PHP instance in WebAssembly, right? And there we’re not — we’re not running any servers. The finals are different strategies for handling your local installation, which is how it should play out. Yes. Another question. And what’s true is that Playground may have some limitations because of the limitation that the technique has at this point. And I’m going to see now the biggest limitation it has. And both local and again that also work with Docker and such is going to be more realistic with what in the end is a server. For day to day at the end it does not use Playground to develop. You’re going to see it clearly now because one of the big limitations that it has is that every time we make a change we have to update Playground and re-launch it, okay? But anyway, once we have everything developed, it is wonderful to present it to the client. Why? Because then we’re going to see that we can send the URL to the customer so they can run it directly on their computer. And he can be tinkering, tinkering, he can break it and when he breaks it, he has to reload the page and he has it again well assembled. They are different strategies in the end, but yes. It was simply that comparing it with local. I in local I see the database files and here I understand that they are in browser or here not. Well, here you do because they have SQLite. If you know SQLite, do you all know SQLite? Well, a strategy of saving the database in a file, okay? That’s very useful also for everybody like, for example, the university won’t set you up like that anymore, but in the old days the university wouldn’t let you have a database. You had only files, so, well, there are environments that are more limited for security issues and here in this case, for example, if you made an extension to save the taste for SQLite. Yes, and Cado, and how do I get to download the database? If I’m not mistaken, if you install a Playground backup plugin you can download a version of the database, although I don’t know if it will work well, to be honest, because I haven’t tested it. You have some limitation in the plugin. In the local you have, you know you have a small editor of a second PHP Miami in the climeter. Effectively, you don’t have that here, you don’t have that here, that’s true, that would be one of the limitations. And another one, some doubt that I had, is that, like you will say now, that you have to make those files that are the downloaded, if it is a change, that is how it is refreshed, like the restores in the Playground. Like what we’ve put, is that you synchronize with a redirector. Yeah, that was going to say here you have the database in ht.sqlite and that opens it, I have Tablet Plus, or pass on Paco, don’t you have Tablet Plus, please? Yes, I use it for him too. At the end, a database client loads that file. And that file can also be brought to you anywhere. What’s the tablet? No, but it’s an application of… No, no, no, no, it retrieves. With any database client you can open it. In the end, it’s very simple because it makes a zip file and you can take it anywhere. You don’t have to be waiting to get the server up and all this. But for a workshop, for example, it’s very good. No, because I’ve assembled it for you in a moment. And what we are talking about is that, of course, here you have all these files that are the files of a Warp Desk and you have ever seen it, you will recognize it, its WP Admin, WP Includes. Remember that in that the director doesn’t touch or cut his hands. And WP Content is, that’s where you have to touch. And that’s where the changes are made, there are the contents, the themes, the files that are uploaded and the ones where the plugins are placed. Fran, can the staff member put herself in the themes? It’s just that that’s ugly. Yeah, it sure is. Because one difference between themes and plugins or in the end some conceptual difference or to try to make it all neat and everything in its place, is that the themes are. They are dedicated to how the website looks, the look. The design and also this goes much more in that way with the themes that are dedicated, the block themes, the Gutenberg themes, for example, which is that it’s already style and design and that’s it and it’s not going to be able to do anything else and that the plugins are the ones that have the functionality. This actually makes some sense because many times the design does not need maintenance or does not have updates, of course it has an update when the entire design changes, but a functionality many times… It is easier to update it. It’s easier if something changes and you have to update it. So, the plugins for the functionality and the plugins are updated on their own and add each plugin one or two things and the specific themes for the design theme. We comment this because a lot of times there are themes that include… POST-I. Many features that maybe you do not use. The typical one for example by folio. The theme with by folio. How many times have I not come across a tinfoires theme or any other theme from embatos or any other site that you put by folio. That you always have it easy. Sure. What is the problem of this? Does anyone know what would be the problem of having a theme with a POST-I custo that… Mom yes, from the profile. How? A lot of weight. No. No. Oh, that one is. If we change the layout or the theme activated, the POST-I is lost. Because normally if you have registered with the theme you will have your own slug that is still slug that you put and when you change another one… Of course, if you want to respect you have to register POST-I for a plan and use the same slug to lose it. Sure, but look, that nonsense, that is really nonsense, because in the end we will have the content in the database, right? But it’s not going to be assessable for us anymore. So how many clients call us freaking out because they’ve changed the theme and I’ve lost all the information. I was putting all the stuff in the portfolio, god my clients, my stuff and I lost it all because I changed the new design. We got that call for sure. There’s a little bit here at the beginning. Right, right. And so, now what we had to do, we have to make a plugin that has the same labeling and the same POST-I and theme play and everything to get that back. Directly we’re going to do all the functionalities that is not visual, because the theme also… There are themes that also need a little bit that we’re not saying that all the functionalities already have to go in the plugins. All the main functionalities that that add, WordPress, necessary of visual front, that takes us the theme. For example, the patterns, that is being included directly in the CINs. But it also depends… Also in the plugins. Yes, and also… You can find plugins with patterns. Sure, sure, but that’s something… It’s a feature that’s a little bit subtle, but yes in this case, design, pattern, but yes the functionalities in good practice and in fact it’s requested to go to plugins. So everything, please, let’s do it in plugins, did you come to see me, did you come to see me? Now I’ve come to do plugins, haven’t I? Yeah, actually, one thing that a lot of people also do is the concept of making your feature plugins. Which is when you’re making a theme, you’re developing a site for someone and you want to add something that’s more functionality, it’s not so much theme. For example, what we’ve talked about, adding a custom post type, is that you make your own plugin, even if you don’t publish it, you don’t have to publish it, but in that plugin you introduce those functionalities so that later on, in the future, it can continue to work. A very, very, very, very super useful resource, okay? To see the latest development trends in WordPress and how themes are developed, is to look directly at the themes that are now developed by the community, like 2024, right? The IF, in this case. And there we’re going to see how themes are now being developed this year, that’s why it’s the latest trend, how it’s being done. All of this we can see directly here because this is developed by a community team, which is you, you see us or machines, and so we’re going to be able to develop the themes now, okay? And it’s the same thing with plugins, it’s silly, okay? But the HelloDolly is a basic example of how to create a plugin, okay? We’re going to recommend, I never know, for example, a plugin directly with a PHP file directly here, we’re going to make a folder, okay? Why? Because we’re going to have to have more files, so imagine if we start throwing files in here, it can be crazy. The folder is usually named in some way, and we find folders with spaces, with capital letters, it must always be lowercase, with hyphens, and respect… that folder, or that name is called, the plan is LOO, that folder name must be respected for everything, I say as good practice, nothing happens if you call it one way and then use it in another, but as good practice, use that LOO, and not change it in life. That is to say, that decision, well, one of the most important when creating a plugin is: What name do I give it? If you’re going to distribute it and such, because what happens is when… the folders here inside of plugins, for example, you think I make an apaco, do I put SEO plugin or something like that? – SEO plugin. – SEO Madrid, so that there is no… – Yes, indeed. This folder, if it’s not a folder, the same, but well… – Ah, I was staying. If the WordPress director there was a plugin with that name WordPress.org/plugins/barraseo.md, WordPress detects that this plugin exists in the director and will try to update it from there. So, when you think it’s your own plugin, it’s a name that’s your own, that’s yours, don’t name it my plugin. – That is also going to be seen. – Yeah. And now important, because I’m sure that… let’s see, there will also be a lot of PHP developer what do we call the master file. You know what tells me, what do you call and I call the main file? – In… in the… huh? – In the… there’s the good… ind.php, okay? This can be done in WordPress, because WordPress doesn’t search the index. WordPress, when we create a plugin, it’s going to look for where the header is, okay? Which is that we can make the main file inside a folder of another folder, that WordPress is going to start looking for where the file with the header is. This has a problem, okay? And what’s the problem? That this has a lot of incompatibility, of course? Okay? That this is going to work all your life and this is not going to give you any problem, but then, as you upload it to the repository and so on, and then, to have translations and so on, it’s going to have a lot of problems, but it’s going to freak out from the problem that it’s going to give you when it comes to translating, okay? And certain little things, okay? So, as a good practice you use the name of the light and the name of the file, the same light. So, as they said, it should also be José Madrid. Period, l’HT. And with this we are already starting to create a plugin? So without agreeing. Or do you think this is nonsense, but there are plugins that I will not say the name, you look for it because it’s all in the repository, you can download it from a patroda here, okay? With hundreds of thousands of installations that have this problem. Why? Because back in the day, when they uploaded it, they are PHP developers and that I put to my main handle, or “indexhp”, okay? And now, well, they’ve had a lot of problems with this. What’s the only solution to this? Okay? Here’s the problem. Rename the file. But what happens if we rename the file to the main file? What happens? One by one, please. Over there. What would happen? Look here. Well, that could be a mistake. Yes. This is her. What happens? There’s all the installations that have that plugin, they’re going to be deactivated. Imagine a plugin running. Imagine, for example, that it’s not, okay? But imagine elements. Or a Google Comer. With 18 million installations that have to deactivate the 18 million. They are ones that have chosen the name of the file. That is to say, the name of the file and the folder are already unmountable. That’s why it is always said to think a little bit in the long term. If we make a plugin, I don’t know, that seeks to fix a problem now, look for a more genetic name. More general in case in the future it gets updates, what’s happened? Don’t put Twitter in there, for example. For a plugin. Because then you change the name and then already. Or for example, there is a well-known one that is an SEO plugin, it’s called SEO Framework. I don’t know if you know it. But it’s self-describing. Yes, yes. But you can’t change it anymore. That’s it. At the time I should have called it SEO plugin. Well, SEO Framework, for example. And now it’s not. Now it’s Lula Beck and it has that one. When you said that the name of the plugin has to be unique, where can you look? If that name exists. Let’s see, you can search it directly in the repository. If something similar exists. You can’t see it preferably. But there are still tools, okay? That you can search for this kind of thing, okay? I see it easy to search for the name that you’re going to put in the repository and see if you can find it. If the search engine, for whatever reason, is working a little bit irregular, you’d better search in Google or a search engine… You can ask, you know what I mean? If you don’t do it, yes, that is. Of course what… Another thing too, if it’s a personal plugin for a client, well if you have your company name or Freelang, you put your name in front and then what the client does. Then you know that this is not going to be difficult, right? Let him find another plugin with the same one. I brought another one. The bug, the bug. Well, to check that if the plugin exists when you go down the plugin directory and you’re in the URL of any plugin the last part is “look” there you can see… there you know if it’s repeated or not. And another thing that I do not know if they mentioned it when you change the “look” of a plugin is true that they are uninstalled and apart from that the plugins that interact with that other plugin and check if it is activated also have to change all the code because they use the name of the folder and the name of the official one that activates. And a point to that which is pretty much everything you said, okay? No, 100% of the time I mean, 99 if it’s going to be not 100% of the time the look of the repository has to be the folder name and so on because the authors can request a different look as well. Ah, thanks, you didn’t know, ok? Those in review queues already have one reserved. It may be in review queues that the review queues there are 2,000 plugins in the whole clade but anyway it would be unlikely if it has a different name live. Likewise, and the last thing already on the subject of URLs if you upload a plugin once you have your URL to all life. Yes, questions come up saying Can I change my slug? For example, this desire frango, I will ask for it. You can’t. Why should you install plugins? But it’s an ugly end? Of course, as they create more problems for users or obviously that is not allowed. Then we already have inside the folder “plugging” we have a folder that is going to see the guy with that name and now what do we do. There are 2 questions. I do not know if you know the “most just plugins” back also has a folder Yes, more for plugins. If you download the functionality that maybe it is public instead of being a plugin it can be a “most just plugin” or not public. Is that another folder? It is a special folder for multisite sites and effectively what it does is that those plugins that you put, you can put a “function” or you can put “plugging” directly that are always activated or you can not deactivate or in a tab part of plugins always activated. Yes, I had a little note that maybe you are going to comment and that is that although the PHP index is not put because of the problems that you have commented that it is very interesting that you have commented it is still interesting to create it and in all folders for something that surely you are going to explain right now. Yes, well one of the things we do during the revisions is to ask that the PHP files put the “appspot” this at the beginning basically put them to check if there is a parameter of WordPress so you can not run directly PHP files But I mean that to avoid a list of directories if Apache is misconfigured that happens in many installations is better in each folder to have a PHP index with the typical “silence is holding” for example Of course, the hosting normally by default avoid that those folders already is that what happens that there are acceptances but normally avoid that those folders can be listed and therefore see the files but not always or the “dorks” sees his pile but yes, effectively a file as you have commented an empty index.php empty with nothing and that’s it, thus avoiding the listing of files Likewise, the index thing we are commenting is for the main file of the plugin the one that will carry the comment avoid it 100% of the dam that is a generic file like the index How do we make a plugin? what is the first thing that has to carry a plugin someone knows what we would have to do if you want a plugin a header a header that is a set of comments with different guidelines The plugin has to identify itself as a plugin Where are we going to copy it from? by going to see the “Hero Dolly” itself we can copy it that before we already start with the common errors someone detects here an error only here there is already a small error and we are going to comment it (murmurs) (murmurs) they have already said it they have already said it is not checked the direct execution of the PHP that is so that there is not direct attacks to PHP files many times there are for example there are PHP that receive the request of an Aya or of another request then if we do not put him to part of a NOM can execute the PHP and to make request directly this later would be a form to hack the other the form of that the PHP files of a plugin only execute them mortes and not execute them there is a concrete case with PHP where we can even not put it there is a concrete case in PHP where we can because it would already be impossible that execution of outside someone would know what is the concrete case that I am commenting where it is not necessary to put an APA is super easy or not (murmurs) just when there is only a class declaration you know that there is not going to be anything executable is a clear statement the APA especially is for when we have the code here and a function here for example can be executed what happens is that it is really possibly not executed because surely at the bottom it will talk about some hit function and as soon as it is executed it will come here and this function does not exist and it will fail it has given you a fatal error that PHP but we ask you to put it in all the files just in case as a good policy and if you don’t do it in history we check it and we ask you to put it already preventively or even in the PHP of classes because it says well I have a class but maybe it occurs to you to change that file and to put functions or whatever and then we ask it also as a preventive way and it is preventive because also one of the things that you have to take into account is that maybe your plugin right now for whatever reason is done and it has not affected you so I can not show you that you can do something wrong but in the future when you edit the plugin when you make changes maybe if you leave something then all the good practices that you can apply to avoid all these kinds of things is fine for example we also ask to escape all the outputs when sometimes it is not necessary because there is an output that comes from a variable that is a fixed variable so they will not put anything for example that is yours but in this way it is requested because tomorrow you change that constant by a variable that comes from another site and so on and you do not remember to put the escape escapes everything that comes out is escaped everything that enters is sanitized by there question by there by there there goes the question by there question by there question when they are going to review the plugin we are in a template and we call the function home your to paint the site that is also strictly necessary to escape it even if it is a botles function because it has filters imagine me when I review when I review and I see it I say well I’m asking me to escape this but anyway but if it is requested even if it is so there are cases that are not but in order not to lose it is like that of the paths the same is that in the end you are not wrong you are escaping all the exits you do not have to go looking for exceptions of course you also think that you trust what you have in your database you always think so why do you have to trust what you have in your database you always think so why do you have to trust what you have in your database you always think so why do you have to trust what you have in your database you always think so why do you have to trust what you have in your database but well it says a function but of course for the end for all the outputs you think so why would you trust what you have in your database because you could change the value with the database and you are executing another plugin it puts a filter in the function that generates the url and that also happens so Paco is doing this little thing that makes the plugin can be identified of course of course the only thing that I have is to come to another plugin and copy the header for me to write to me likewise if you put anything in WordPress and you put handbook behind it or is going to put or is going to come out here the official documentation of all the headers that there are as are the headers of WordPress and here are examples of header that we could paste copy from gelo dolly and we will put by SEO Madrid that is going to be the plugin so the WordPress plugin normally put it if you have a website in which they talk about your plugin when more you put that that suggests you Paco is not that you get clash or not that you are suffering your own code until the artificial people polo polo hostia now let’s put it more mule instead good as already this the in the middle in that mess you are getting the eclipsing hostia incredible there is in the documentation apart from his face said of the AI in the documentation you have header and there is one that recently has said that it is very well that requires plugin that saves you a lot of PHP code in that you put the slug of the director of WordPress and then I point out if you want requires plugin? requires what does it do now if? the singular and plural I always have doubts and the good thing is that if it detects that there is a comment you get an interface so that you can activate then it is very useful and does not let you activate it until you create the dependency until it saves a lot of PHP code to see if it has been activated or not activated that is to say to fix in a line how fast we have the dependency in fact we are going to leave it put and this way you see it come and ready already this is already a plugin we are going to see how it is seen we have already tested it we have already tested it we are going to see the description that we have created so pretty ok now I would go this one is the one that I have in the local requires plugins that is the two in plural host there is nothing this is what we were talking about that is always the because we will not use them in our time of total development to use it daily we will always have to be synchronizing synchronizing what now will to press to see that synchronize the local shibos and already we would have it is fast but hostia this pressing all the time every time that we make a change is like a muchedioso as you see as it has gone out the interface requires plugins that is the quides with that with that but with that this with of if it does not catch it well, no esta bien puesto si si lo coge con ese requires plugins y a más a ver si a que no lo dejas lo activarlo vale un toro claro aquí te dice normalmente te sale un enlace no se si como joaquinplegrablo esta cambiando para que te pueda instalar el plugin depende si porque a lo mejor no tiene acceso a descargarlo porque no se ahora mismo the confirmation like it does not have the network can be clear if it does not mark it paco does not look at that is that if if if you let you now if you leave this is so the that this is the only thing to that we do that we do that we do catch change you have to be ator while reloading but good no but equally you get out you get out here already link there already we can install it installed, this very comod but remember that you have the slope as in the case this that we say of the feseo framework you will have to visit the web and the part of up of the laurre you have to catch him and then already we have a plugin we are going to see if we can activate it or instalabos like that remove them requires them easier clear and thus you see a change I save it I come and synchronize and all time every time that we make a change has to be this process and already we can activate it and we give it and already we have an activated plugin that does? nothing at all is a shit is a shit clear it says it until the ida but this already is a plugin and already is an environment already you can be running with this and now the question is clear that we do that do the plugin is called “didicxlydic” but well you already this a little if it invents things says that do the complete song and I sing it (laughs) cado now is the moment to put here “cococopash” and what we have to keep in mind is as we communicate with WordPress that normally the place to put here as if this can anything a PHP echo bar dump directly of what we want to show because we want that or that it is shown in some place or that it modifies some behavior of WordPress or that it includes something in another plugin of WordPress as it can be bucomes this the whole system of hooks that that is already seen in the “Helludoli” that has an attack that the hooks are, there are two types are the “action” and are the “filter” that difference between the two if someone wants to comment before a good practice because we are not modifying code we are adding or removing this is a good practice because one thing that happens on the pre is that if we update plugin if we notizamos this tegea code things break then it is much easier not to break that difference is in the hooks between actions or filters anyone brave? or not brave enough to like dig around there for there are encouraged yes yes yes yes yes, I imagine that you will be doing you will be doing a sending of information and when you are doing a filter you will be asking for information well there is something if you are an action is, I want to say, in an action you can do a filter or so if you can do an action of requesting information or filtering a filtering would just be of this information yes, that’s going to be filtering for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, that’s for sure, at that moment of execution you’re telling it what code to execute, you’re telling it a code of yours, of your plugin or well, it can be your plugin, it can also be your plugin, it doesn’t have to be yours, but basically you’re telling it that at that moment when WordPress arrives at that point of execution to execute this, that normally there is a function that you age, it can be a method of a class, it can be a function directly, and so on, when it’s a filter, and that’s why it’s a “filter” and so on. The difference is that you end up executing code at that moment but the objective of that edition is to modify something WordPress at that moment of the execution sends you a parameter with which it is working, it sends you the data, that information that there is there you in your function you process it, you do what you want and you give it back to WordPress and WordPress continues its execution with the information that you have given back to him To what do you refer? I mean like an “action” would be an “action” I told you what I mean maybe an “action” would be like for example an atos base when you make a request you make a “select” give me this information and then you can filter that request tell me “follow me” this information but for example only men where the gender equal men where the gender equal man Not really but yes you can modify the database with the filters and you will see if it goes that way we are showing on screen there is a “plane” that is called “hooks filter” and the “hooks” as Frank says are holes where you can execute code and in the “action” is composed by several parameters one is the hole that is the “hook” that here we are seeing it the first one is very well “admignnotice” because there is a hole that gives “workpress” in the code I was saying to assimilate it to something to take a message to “fora” and it has seemed to me for example sorry so of this group but in a database it is that when you want the information or you ask for it or you ask for it filtered you do not ask for information but it is rather that you in that point execute something think that “workpress” is full of holes holes holes that it is giving you in fact the “plane” that are well done also leave those holes “wookcomers” the most popular you will know them and then not only allows you here you see all the holes and you see in order that the holes are executed and the holes can have functions and already executing that you can remove, remove and it would be “remove action” inside the slots there are functions and those functions you can choose to remove it or add it and you can also say “no, no, I want to add it” but before you do that you can say “no, I want to add it”, no, I want to add it” but before that is the third parameter that would be the priority then you according to you are in very good practice when programming because you are doing for example one thing that is done a lot in “wookcomers” which is the template file of checao or product page you copy it in your theme and modify it because when you update the “warp” in the wet template has been left osoleta then a good practice is “no, no, better, I’m going to put in my “pluggy” “adactium” or “remove action” and the functions that I see that are necessary because the holes yes you will see that they are quite immutable are maintained for a long time because by retrocompatibility they are going to be in “wookcomers” all the life and here you can see all the slots that are executed and well then there are these are the “fit” “admin” are not slots here for example the “admin” we do not have it here and that is executed in the “body” let’s say of the “admin” in the middle of before the title of a page and of course that is everywhere when it is executed “warps” with this you can say at the moment that “warps” loads the url do this a little bit or change me if it is a “fit” change the url to this or for example a case like very clear that I think we can show it is to change the title of the page or something like that change something of the page but I think that can be seen very clear with that in this case the title well is that I do not know if it will change because here it says “warps playground” as the title of the page I do not know if being inside “playground” well here a little thing of course the actions are running in PHPHP the theme is made in HTML, CSS a block theme then as you see it does not have so many hooks holes are not executed in PHPHP if you take a classic theme is a classic theme that if it is done is very important to have it in base so you do not know following the fullside editing that is added to WordPress creates a new concept of theme that are block themes where we no longer have PHP and we only have HTML and xml that allows us to put all these configurations so that the whole site works exclusively with block giving an infinite possibility that gives for a workshop 2 or 3 because WordPress changes fullside editing a tele one to generate wait let’s see anyone not to a 20 old sorry already touched it too much you do not touch the computer you do not touch the computer there is a way of a theme one that is not 20 old for example you have to be sure then the hooks that we were we have them in the admin we have it when it runs even we in our own for well we can put those holes but well that would be another story but come on those holes are very important and the plugin this or signal or signal as are those holes a good practice is to fill the amount of holes between those that creates the WordPress creates the theme and creates the plugins that you have your installed this to develop is super good and also look at the difference we have between a plugin a theme a classic theme a theme fulsa editing and just by the amount of gaps that we have in one and in another is that really a plugin for example the typical plugin that adds social networks at the end from the post is that really uses an action and that is over there here for example you see what we said that is called generate before content that has one or here it is showing you in the graphic area you see the action that is the gap and we can choose that even that function we could disable a remoactio the gap and the function could remove it and we have the title of the pages and if we put a conditional that is not at home or that is at home for example we could remove the title of the home pages but that with a line of ADACTI or remoactio if I’m going to make an example with get the title that can be filtered to put hello world 2025 updated that are very typical of SEO or we want to filter the title a filter of title and so it is clearly seen so that you see at the time of the documentation of warpre that is very important to review because we will be able to see how to run inside these functions because we will say for example why I have to escape to this function of warpre of the core because I have to be sanitizing this because maybe for some internal process it does not do it then as I know that yes I have to make lono going directly to the documentation to see it because there we are going to be able to see the internal execution of the play of ADACTI or of the function in concrete which we wanted to touch of title for example of title this is the base of our best friend the whole day is that we are going to be able to see directly how it works inside and the functions that they use is very necessary to know that execution process and especially if we need or not to escape this content or sanitize it in case it was rebe was an input and at the end is the filto at the end of that block because this is part of the core of warpes below there and notice that warpes says because this is a function that gives you the title of an article that is that “hello war” that we have seen there and warpes tells you at the end I give you back the title but before giving it back to you I am going to apply it in the title filter and I send the title in the second parameter in this case and in the third one the identifier of the article and this is so that any plugin can take that and say ok I am going to change it and I am going to do something different with this. good thing that also brings the documentation that below always has a lot of examples okay that for the community how you can use it okay here there are comments 9 years ago there are also functions that are perennial and that are not changing okay then here are many examples that the people are doing and that are not super useful to be able to program all kinds of modifications this is the resource that we will be using in our day to day ok this is going to be trust that there is documentation everywhere ok we have to make examples of that and we see it live well to the filter if you want and to the copy of here directly a good practice that now we are also going to know and that we in fact when we review plugins we say it is I do not know if you see the account when we do css or js that you have to put the version of your plugin continually ok and in other things also maybe you need to use the version of the plugin because apart from putting it in as PHP header the good thing is that in your plugin start to have a set of prefixed constants with a prefix of what you will need next to the plugin version is also used for example the main directory of your plugin and so well with the classes if not but you have already done but also go before if you do hooks that what I commented here a little bit here for example what we were saying we have here a header this is a plugin that is published in the directory and here we have the aspad and we define a series of constants that then we are going to use it for many things the most typical ones are the version I recommend this quite important because I already say when I am going to make a CSS gluing I will always use that constant then when I change version or update version of the plugin I change it in my header and change it in my constant and call sure that all the CSS that are glued and that are going to happen are restarted I do not know if you know that when the version within the CSS is put as a parameter to change the version of gluing also makes you reset because if you change things of CSS are not displayed well to the user to update then this is very important. user to update then this is very good practice then the file itself because many times we refer to the plugin or sorry to the main plugin file because I also put it in a constant url also because this is used for CSS binding and jms asks us the url where our CSS is going to be because I take it here in the main and then just add the folders and files that have this structure of play and to finish when we do a require or include of a file if we have not done it with composers also this we save this function that is being executed but in the own constant I am already putting it this part is another thing that has but these are the main ones that we always recommend for our plugin and here you see what we speak of security policy so that it does not load the PHP that you can… Faran has a file of the different forms that are registered and there it is infinity of times this is one at the end is that if it does not have this constant that the own WordPress defines it because that dies that PHP that cannot be finished executing and…. This is with this phyto that in the end to create a plugin is that above all is that it is to communicate a lot with those hooks and see what hooks run every moment so that you can enter your code there or you can modify the output that exists there, the output, the data or whatever in this case you see that it is a function adfirter add a filter and the said add the filter of title has put there directly the function this can be done this way or you can refer to a function to a class, to a moment of a class look and in a moment it makes you that Manny spoke to the AI with the leadings no, no, no, no, no Hey, sing, I enter! they are asking me to sing and what this function is doing is taking the title because the title has come from the other side and it is going to put it in a separate function, almost the same, yes, it is clearer, at the end all we are doing is concatenating yes, yes put it in the affix the name of the function the name of the function there in the second parameter, what is it? the second parameter, the name of the function as well as string aconde that well that the second parameter is the reference what is the function in this case? I was just saying the name of the function and then there is another parameter that you see that there is a 10 that is the priority with which it executes this is because there may be more plugins that execute this as well as once you give you put it first then etc.. and two is the number of parameters that the function is going to receive we are only going to use the first one because we have put two but the function only has one and it doesn’t matter so it works anyway and what we are saying is, okay when the title function is executed which is the default function that has warp and so on in the code that takes that title and we add that ssr. as you see in the fitro we receive the original variable that we want with it that variable can be of many types it does not have because it is of text in this case it is one of text then it is write of all any type there is some thing that you say how this is done in a plugin how it works day and we give it as well as a thought agrupal to see how it has day to thus solve a real problem something that can occur if we do not ask it if we do not ask chagpp that thing out there to see for example as you have mentioned to rice, I can think that when you put in a cart for example five products you apply a certain percentage of the story so I would be looking at rice and a rule on an external page for example of the first of which you are adding okay, and this is the search in spaco let’s see how it is normally done for this because this has been bucomers you have to look in the documentation of bucomers to see how to do that clear the problem that you have raised is when you add as five products something like that you get a discount for that what you have to do is modify the bucomers cart and the bucomers cart is that it has a parameter has an object if, an object has a discount parameter if I’m not mistaken well, to apply the coupon you can change the price you can use different strategies change the price or add a discount or add a coupon you can do different strategies also as you are commercially interested in putting it in the plugin we are going to look for a solution to that and we are going to do more not only us, you also look at us because this is obviously not ready we are not connected, right? no we’re not hooked up so this is the time to look in the documentation Did you say that an array would probably be an object? of course I said it because as you have said about the array as someone has given us programming does not know what is an array may be interested that you explain how an array works in the basic way if the day tomorrow you have to do something with an array that you know what it can be used for that’s why I also said the 5 products because you have to give information to some side of course well, there it is probably an object, I do not remember but we are going to make an object that has to make the cart and there you can modify these things but it is at the end in a quantity discount is that in the end it is that by the way when you find this type of problems a way to see how to solve them is to find a plugin that does it and says and this how do you do it pass me the hdmi and let’s see if we get something out of here. How do we get there? look at that chingadito! we have not downloaded a plugin we are seeing how it does it yes, I have put it in google I have put Vocommerce discount by quantity I do not know what it is showing a setting But what is this? well, here over there is a question there seems to be a filter that is called “willcommerce before calculate hotels” 10 minutes does not seem not scare me we are also wrong 10 minutes for questions right? Ah right! Ah that we take 10 minutes! Ah that already! over there you’re going to ask I have the hook why I’ve ever used it? Great! see things come out is “bookommerce card calculated fees” okay? “card calculate” maybe this one, what a coincidence, has anyone ever opened this one? yes and every time you say “ah yes sorry” yes you already have it but we don’t and I have it a little bit when more command more no, and more command more doesn’t do anything is a visual is part of the thing that he taught me and it is so that if you do it as well as cell phones well is there someone who was fighting with the a little bit the theme of the action and filter is very important for that because you see that the gap will always be so it is very good practice yes well, notice that here it happens a little strange thing that makes an “action” we have seen before the filter this would be an “action” I don’t know why it is an “action” if it modifies a couple… I suppose that it adds instead of… with the calculation maybe at the end so that they put it many times also the priority if we want it to do it after all the plugins maybe we have a very high priority it does this because really well, it has brought the function “attaction” really the original function “attaction” would be… this does not get along very well because they do it if, is that… because it has brought something that already… that is already extracted then, is this “hook” I see that it calls this function and I will see this function if I find it I will see what it does what happens is that the bald that has given a function that is called “buckummer” I do not know what … here is a little weird this is already wrong at the level of revision of plugins because it is not being able to set the name of the function so any other plugin that uses this same name because there will be a collision but it is not within the class, right? or if… ah, yes, it is true, it is true, it is true, it is within the class is that as it is not… yes, you have not brought it well, a comment to this that you are talking about the prefixes that we had not said it, we must always prefix the functions in the classes, we recently changed the directive from three digits to four that are the… sufficiently distinguish them from others then, normally what we were saying a little bit the “lou” are decisions that we have to make that then will come well in the future we have to use four digits and in this class for example, they have put it three digits which is more, isn’t it? “what” a low disk also like… it is a directive that we have put a relativante little good, it takes more time well, well of course, the plugins that were already can not change from now on if it says four digits then, let’s see what it does is a function called “bookomers custom search age” which is like… what it does is that it adds some additional money, from money to money and I see that what it does is that well, here it takes something here it takes a discount and multiplies it by minus one, of course, because it is adding a “sack change” so of course, if it multiplies a discount by minus one it becomes an anti-discount (laughs) sometimes you have to do things a little sloppy (laughs) and then what it does is that here it… it takes a variable and divides it by the total discount that is in the cart and adds one, I guess this is to make a percentage, I don’t know, and… and then it buys… this is going to be turned off with some check (laughs) ok, sorry, sorry, sorry, sorry, it’s just that… there was an older gentleman with this, see (laughs) and what he does is here he does a check down here he doesn’t do anything else, so from here down we can ignore it from here he has a… a bucomerscart@fi call and he adds like a reduction in the cart to the price I guess there would be Paco, what do you have? he this one up can put on the show to see if we can even super-statically (laughs) well it’s called buadvance discounts I don’t stick it for… (laughs) (laughs) (laughs) (laughs) look, huh? (laughs) what is it called? the… the… the… the… the… I’ll make it bigger with my super magic hand, you can hear me loudly (laughs) (laughs) (laughs) (laughs) buadvance discounts but if you don’t ask the AI if the AI is going to ride it for you, ok, ok (laughs) while there Paco I would like to comment on good practices I continued talking about good practices yesterday in the contribution I was talking about using a version control is important there are many on the market the best known guija that does that and especially with different directives to make code from others for example we use Kid Ignore for vendors folders that are not saved ehh …. ehh…. third party libraries, ok but if at the time of distributing plugins we can do it and… use a branch strategy to be able to work with them, ok there is one that is also very well known lately that allows you to make this unitary and it is… or the same as the TBD TBTrand based development and it works very well then version control to have other code always versioned and… and using branch strategies works very well Does Fruro have? Do we pass it? if it is that there is a nip directly here but if you pass it to him it is ok but let’s quarantine that it has we go well, one thing has already been given there to see, the thing also is to finish the whole installation of boomcomber it is necessary to create products, it is necessary to create a lot of things no, one comes to you already no, no, no, no, no, I do not believe that I do not have any left that is why I was seeing a little bit is the capital here inside? Yeah, there is the CSV, there is the CSV already, but look, it has a nip here, it’s Paco I’ll pass it to you by… by Slack mmmm pass me the URL by… I’m not going to take it away I’m not going to open the Slack here I understand it there eh, more little things sometimes I had prepared the whole part of scaping, things that… that is going to speak to us if, because we are going to comment on the scaping we comment, while you mount that we comment on the scaping now I have it here you have it here it here endured the alfaca clear I believe that it makes boletillas is that not for more than it does not give time has done all this we are going to see good, you have to go and tell them if they give us the afternoon also to continue with this all the afternoon and tomorrow also you are going to come here ok, equally at the end you comment it, here we have the filter, ok with what would be ok, the function is quite simple, the priority here is quite important, I will put a higher priority, of 10, we realize that the priorities go in strings of 5 or 10, almost all of them of 10, 10, 20, 30, 40, this is done so that they can, to give you space to put a priority of 9 or 5 normally, so that you go before or after and then, if you have to go to 99, then you go to 99 and you know that normally it is the last one, of course, let’s see, also as I finished all this is called very long, ok, and we have 10 minutes left, yes, yes, yes, yes, well, we had 10 minutes left, okay, one thing that should be quite clear, okay is this part of the documentation here, okay, that is the whole part of receiving and sending data, okay, that is one thing that we want to be clear about because of the fact, okay, that this generates one of the most common and most exploited security problems on the Internet, okay, that in the end, to be able to receive injections, okay, on our page, okay, okay, that’s why we always have to follow a guideline, okay, escape as early as possible, that is, sanitize, no, sanitize, sanitize as early as possible, okay, that is, when we receive data through a post, through any site, okay, through a call we have to sanitize and with the functions that WordPress gives us, okay, we don’t have to reinvent the cycle, okay, WordPress already has a lot of sanitizing functions with which we will be able to disinfect what we already receive, okay, okay once of this, we are going to validate it, we are going to always, always, always, always, always validate what you receive, okay and I never went from what you have to save the base okay, so always escape it, it is not that it is the post, well and who says that they have not infected the input anything, that you have to keep in mind, not only for your plugin, but for the rest of plugin or the rest of the installation, it is worth because you are not going to know if the plugin of truth lab this has a vulnerability a very typical thing also of sanitized is the API, when it connects you an API to see, normally you should not be infected the API, but they can infect you the API, what you bring you of the API you also have to sanitize and in the end, as that you do not trust anybody of who is going to bring you, if it is of the base of acts, if it is of an API extena or any thing if, as in addition one asks bread, that gives equal sanitize the five times, it does not matter it is not going to be something that adds much time of execution, so there are different types of functions of sanitized according to the variability that they bring you for example email if it is a text if it is a title, etcetera sanitizes the title, it seems to me that what it does is that they are going to commit that and always to use it, that they agree that moment we do not use a generic one if we are not very clear, because we enter in any of them and we see what it executes, ok, this is the bread of every day, okay the same as with the rest, I recommend with the rest of the functions the same, okay check it, because we always look at many functions of WordPress as the Detight, there are a lot of functions that we look at but who tells us if you are protected or not by the only way is to enter here and see if they are protected or not to know if we need to escape it or not when we take it out, that information is worth, there is a question Have you commented on the issue of runtime? I would imagine to see, for already get it into account going forward that the ones that most add will be requests to the database I would imagine that most add runtime because that’s the one that reelevan you just being relevant the thing is that the database calls if they use the default WordPress functions the URL that edited all this really doesn’t matter so much if they query the same information five times because the WordPress body caches it and doesn’t query the database again when it already has but yes, the database is one of the most important factors when analyzing why a website takes a long time to run one of the things that you look at is how many queries it’s throwing at the database and you see that it’s throwing 400, 500, 600 is a little bit exaggerated in plan is called query monitor I imagine you know that there they tell you the queries and the requests that it makes is a little bit for performance of the page of course, it was in order to I imagine that you that you have seen much more if you could say the typical 3 to 5 reasons why more you are overloaded maybe a plugin in order to if that generally if you pretes call query to the database or if there was something else that you know another also very typical makes requests to an API that brings you then there is a good practice, you use transient that save database the value of that API and you do not have to be continuously asking for an API another thing that you should not do or avoid it is to call libraries from outside we will always try to have the libraries in our plugin, that is, we do not download it and install it typical Google Phone for example well, there are specific things that we can call outside, such as fonts and so on that is allowed there is much to have it inside but for example in the repo is allowed but many people, a slider that damage of a slider for example a carruxer, take the library of the JSA and take it in an external is always better to have it inside the plugin itself in fact we ask to do it except for exceptions, as sources because the good CDN, the one of yours gives you a second of loop at the time of loading the page that is brutal of course, the one of yours free not yours, no sorry, is from phone to Weesson phone to Weesson is brutal then you bring two files, which is CSS and icons because there you remove quite a lot and also important to check what library has Word, but in itself because it is always the super typical and Word has a list of libraries already loaded that is quite large so always check it also in the version will see if new things are added so it is one thing, to keep up to date that will be quite good and also beyond the efficiency talking about the libraries that are loaded from outside a few months ago happened that a very famous library that many people loaded, I don’t remember the name but it was maintained by someone and a chinese company bought the domain of their web so they started to put Marwar in all the people that were loading that library through their cdn so well also for security, of course, it’s always going to be better to load it yourself also I appreciate a question hello, how about I found it very interesting I wanted to make a point on the subject of the development of the plugin when you have created the filter is good practice also check that there is the filter and that there is the function that calls because if you do not fall the whole page if there was no filter or there was no function to if the filter does not exist nothing would happen if the function does not exist if the function does not exist if the function does not exist if the function does not exist if the function does not exist to check what is the function rather than the filter I can effects and I usually put it because sometimes even depending on another plugin in the case of the requires, I did not know that you could request that another plugin was activated and present in the system because it is what you say that desativa Google Comerz for an update or whatever and if there is a plugin that is calling those functions as you do not find them you go the whole page in fact that header that was programmed does not allow you to disable the parent okay and then a question on the issue of vulnerability is that it is a super important topic you I have a prefilter or some kind of software that makes you an initial analysis but I for example I’m doing it for a project and with Chimera you will analyze the whole issue of strings that do not escape from conflicting calls or rl and the truth that has quite hallucinated because it also analyzes the entire page and come all plugins and there are some that have some vulnerabilities of code execution directly that you can inject whatever you want. There is a project that we have in the team that is open that you can download that is called plugin check plugin and has a lot of execution to all as we have been talking about gives you an interface, you open me yesterday in the contributor and then what you do is that it installs it in your work this always tries to run it locally what you tell him what plugin you want to analyze and gives you a report quite desobstivo of a lot of vulnerabilities that may have. So this tool has been around with us for a while and it is working very well and you can use it without any problem and also the project is open in Gija so that you can contribute any of you can contribute any of you can contribute here in a public with an ISO a public with some contribution has been made some public that now is that you have the project so you can see how the process is going to act, what are the checks that we have active, this you can not check here as if someone is encouraged can contribute here and put what you want. Here you can see the list the list of checks that we have right now that there are a few and for example what I was talking about in Paco the escaped of going sanitized and he tells you that where it is because they are both codes in Plagio also more complex because it is more difficult or easier to miss something and you get a tool that helps you a lot so there is a question, yes, yes you have a question is that basically we use the plugins to create custom functions for a client then, you want to know if there is a way just as there is a that you can ask to load another plugin if you can also ask to control that you make a certain theme that you have to a theme, I mean for the plugin to run it will have a theme that you have already created or a commercial I understand that yes because the theme is saved in the options table and you take the function getoption and it is called theme/slash or something like that or Carren theme is one of them and it tells you the name of the folder of the theme the name of the folder of the theme that is currently loaded with that you can also check if the theme for whatever includes a function or a class or whatever because you can check if the function exists or if the class exists and with that you can see if it exists and with that you can see if it is a theme that exists or not. the class exists and with that you can see it because I’m not sure if that’s going to work at all because it also depends on the time of execution which is that I don’t know if the plugins load before or after the theme and you can check inside hooks because surely there is a hook that is after the theme loads there is a hook that activates the plugin after the theme loads check me if there is a certain theme and from there you can start to execute your code if sometimes you have doubts about how to do this there are a lot of themes that tell you hey I have a requirement for the plugin and then you can start executing your code. they tell you hey I have the requirement of this and this plugin there you can easily see how it would be done the best way to see how to do all things WordPress is seeing someone who has already done since it is OpenSor and that is the benefit that OpenSor gives us to see how the made another clear and one thing to keep in mind is that in the development is the order of execution because when all the plugins are loaded if your plugin starts with A and want to check if there is a plugin loaded that starts with B you can not do it before they load all the plugins there is an action that is called plugins loaded that is executed after all the plugins are loaded but out of that if your plugin for sometimes gives god is before the other because your plugin is executed before the other technically as you see we could be all day talking about plugins and nothing more than us in the hallway where there is ask us the pasillas because at the unímedia the family photo and we are not going to leave I do not know if there are any more questions any quick question or come on let’s take the picture thank you very much [Music].

ordion content.