book

Building Web Apps with WordPress, 2nd Edition

by Brian Messenlehner, Jason Coleman

December 2019

Intermediate to advanced

543 pages

12h 52m

English

O'Reilly Media, Inc.

Book available

Read now

Unlock full access

Who This Book Is ForWho This Book Is Not ForWhat You’ll LearnAbout the CodeConventions Used in This BookUsing Code ExamplesO’Reilly Online LearningHow to Contact UsAcknowledgments
What Is a Website?What Is an App?What Is a Web App?Features of a Web AppMobile AppsProgressive Web AppsWhy Use WordPress?You Are Already Using WordPressContent Management Is Easy with WordPressUser Management Is Easy and Secure with WordPressPluginsFlexibility Is ImportantFrequent Security UpdatesCostResponses to Some Common Criticisms of WordPressWhen Not to Use WordPressYou Plan to License or Sell Your Site’s TechnologyAnother Platform Will Get You “There” FasterFlexibility Is Not Important to YouYour App Needs to Be Highly Real TimeWordPress as an Application FrameworkWordPress Versus Model-View-Controller FrameworksAnatomy of a WordPress AppWhat Is SchoolPress?SchoolPress Runs on a WordPress Multisite NetworkThe SchoolPress Business ModelMembership Levels and User RolesClasses Are BuddyPress GroupsAssignments Are a CPTSubmissions Are a (Sub)CPT for AssignmentsSemesters Are a Taxonomy on the Class CPTDepartments Are a Taxonomy on the Class CPTSchoolPress Has One Main Custom PluginSchoolPress Uses a Few Other Custom PluginsSchoolPress Uses the Memberlite Theme
WordPress Directory StructureRoot Directory/wp-admin/wp-includes/wp-contentWordPress Database Structurewp_optionsFunctions Found in /wp-includes/option.phpwp_usersFunctions Found in /wp-includes/…wp_usermetawp_postsFunctions Found in /wp-includes/post.phpwp_postmetaFunctions Found in /wp-includes/post.phpwp_commentsFunctions Found in /wp-includes/comment.phpwp_commentsmetaFunctions Found in /wp-includes/comment.phpwp_termsFunctions Found in /wp-includes/taxonomy.phpwp_termmetawp_term_taxonomy/wp-includes/taxonomy.phpwp_term_relationshipsHooks: Actions and FiltersActionsFiltersDevelopment and Hosting EnvironmentsWorking LocallyChoosing a Web HostDevelopment, Staging, and Production EnvironmentsExtending WordPress
The General Public License, Version 2, LicenseInstalling WordPress PluginsBuilding Your Own PluginFile Structure for an App Plugin/adminpages//classes//css//js//images//includes//includes/lib//pages//services//scheduled//schoolpress.phpAdd-Ons to Existing PluginsUse Cases and ExamplesThe WordPress LoopWordPress Global VariablesFree PluginsAdmin ColumnsAdvanced Custom FieldsBadgeOSPosts 2 PostsMembersW3 Total CacheYoast SEOPremium PluginsGravity FormsBackupBuddyWP All ImportCommunity PluginsBuddyPress
Themes Versus PluginsWhere to Place Code When Developing AppsWhen Developing PluginsWhere to Place Code When Developing ThemesThe Template HierarchyPage TemplatesSample Page TemplateUsing Hooks to Copy TemplatesWhen Should You Use a Theme Template?Theme-Related WordPress FunctionsUsing locate_template in Your PluginsStyle.cssVersioning Your Theme’s CSS Filesfunctions.phpThemes and CPTsPopular Theme FrameworksWordPress Theme FrameworksNon-WordPress Theme FrameworksCreating a Child Theme for MemberliteIncluding Bootstrap in Your App’s ThemeMenusNavigation MenusDynamic MenusResponsive DesignDevice and Display Detection in CSSDevice and Feature Detection in JavaScriptDevice Detection in PHPFinal Note on Browser Detection
Default Post Types and CPTsPagePostAttachmentRevisionsNavigation Menu ItemCustom CSSChangesetsoEmbed CacheUser RequestsReusable BlocksDefining and Registering CPTsregister_post_type( $post_type, $args );What Is a Taxonomy and How Should I Use It?Taxonomies Versus Post MetaCreating Custom Taxonomiesregister_taxonomy( $taxonomy, $object_type, $args )register_taxonomy_for_object_type( $taxonomy, $object_type )Using CPTs and Taxonomies in Your Themes and PluginsThe Theme Archive and Single Template FilesGood Old WP_Query and get_posts()Metadata with CPTsadd_meta_box( $id, $title, $callback, $screen, $context, $priority, $callback_args )Using Meta Boxes with the Block EditorCustom Wrapper Classes for CPTsExtending WP_Post Versus Wrapping ItWhy Use Wrapper Classes?Keep Your CPTs and Taxonomies TogetherKeep It in the Wrapper ClassWrapper Classes Read Better
Getting User DataAdd, Update, and Delete UsersHooks and FiltersWhat Are Roles and Capabilities?Checking a User’s Role and CapabilitiesCreating Custom Roles and CapabilitiesExtending the WP_User ClassAdding Registration and Profile FieldsCustomizing the Users Table in the DashboardPluginsTheme My LoginHide the Admin Bar from NonadministratorsPaid Memberships ProPMPro Register HelperMembersWP User Fields
Shortcode APIShortcode AttributesNested ShortcodesRemoving ShortcodesOther Useful Shortcode-Related FunctionsWidgets APIBefore You Add Your Own WidgetAdding WidgetsDefining a Widget AreaEmbedding a Widget Outside of a Dynamic SidebarDashboard Widgets APIRemoving Dashboard WidgetsAdding Your Own Dashboard WidgetSettings APIDo You Really Need a Settings Page?Could You Use a Hook or Filter Instead?Use Standards When Adding SettingsIgnore Standards When Adding SettingsRewrite APIAdding Rewrite RulesFlushing Rewrite RulesOther Rewrite FunctionsWP-CronAdding Custom IntervalsScheduling Single EventsKicking Off Cron Jobs from the ServerUsing Server Crons OnlyWP MailSending Nicer Emails with WordPressFile Header APIAdding File Headers to Your Own FilesAdding New Headers to Plugins and ThemesHeartbeat API
Why It’s ImportantSecurity BasicsUpdate FrequentlyDon’t Use the Username “admin”Use a Strong PasswordExamples of Bad PasswordsExamples of Good PasswordsHardening WordPressDon’t Allow Admins to Edit Plugins or ThemesChange Default Database Tables PrefixMove wp-config.phpHide Login Error MessagesHide Your WordPress VersionDon’t Allow Logins via wp-login.phpAdd Custom .htaccess Rules for Locking Down wp-adminSSL Certificates and HTTPSInstalling an SSL Certificate on Your ServerWordPress Login and WordPress Administrator over SSLDebugging HTTPS IssuesAvoiding SSL Errors with the “Nuclear Option”Back Up Everything!Scan, Scan, Scan!Useful Security PluginsSpam-Blocking PluginsBackup PluginsFirewall/Scanner PluginsLogin and Password-Protection PluginsWriting Secure CodeCheck User CapabilitiesCustom SQL StatementsData Validation, Sanitization, and EscapingNonces

What Is ECMAScript?What Is ES6?What Is ES9?What Is ESNext?What Is Ajax?What Is JSON?jQuery and WordPressEnqueuing Other JavaScript LibrariesWhere to Put Your Custom JavaScriptAjax Calls with WordPress and jQueryManaging Multiple Ajax RequestsHeartbeat APIWordPress Limitations with Asynchronous ProcessingJavaScript FrameworksBackbone.jsReact
What Is a REST API?APIRESTJSONHTTPWhy Use the WordPress REST API?Using the WordPress REST API V2DiscoveryAuthenticationRoutes and EndpointsRequestsResponsesAdding Your Own Routes and Endpointsregister_rest_route( $namespace, $route, $args, $override );Setting Up the WordPress Single Sign-On PluginAdding the /wp-sso/v1/check RouteBundling Basic Authentication with Our PluginUsing the Endpoint We Set Up to Check User CredentialsPopular Plugins Using the WordPress REST APIWooCommerceBuddyPressPaid Memberships Pro
The WordPress EditorThe Classic Editor PluginUsing Blocks for Content and DesignUsing Blocks for FunctionalityCreating Your Own BlocksMinimal Block ExampleUsing Custom Blocks to Build App ExperiencesEnabling the Block Editor in Your CPTsBlock CategoriesThe Homework BlocksLimiting Blocks to Specific CPTsLimiting CPTs to Specific BlocksBlock TemplatesSaving Block Data to Post MetaTipsEnable WP_SCRIPT_DEBUGUse filemtime() for the Script VersionMore TipsLearn JavaScript, Node.js, and React More Deeply
Why Multisite?Why Not Multisite?Multisite AlternativesMultiple Authors or Categories on the Same WordPress SiteCustom Post TypesTotally Separate SitesUse a WordPress Maintenance ServiceMultitenancySetting Up a Multisite NetworkManaging a Multisite NetworkDashboardSitesUsersThemesPluginsSettingsUpdatesMultisite Database StructureNetworkwide TablesIndividual Site TablesShared Site TablesDomain MappingRandom Useful Multisite PluginsGravity Forms User Registration Add-OnMember Network Sites Add-On for Paid Memberships ProMore Privacy OptionsMultisite Global MediaMultisite Plugin ManagerMultisite Global SearchMultisite Robots.txt ManagerNS Cloner: Site CopierWP Multi NetworkBasic Multisite Functionality$blog_idis_multisite()get_current_blog_id()switch_to_blog( $new_blog )restore_current_blog()get_blog_details( $fields = null, $get_all = true )update_blog_details( $blog_id, $details = array() )get_blog_status( $id, $pref )update_blog_status( $blog_id, $pref, $value )get_blog_option( $id, $option, $default = false )update_blog_option( $id, $option, $value )delete_blog_option( $id, $option )get_blog_post( $blog_id, $post_id )add_user_to_blog( $blog_id, $user_id, $role )wpmu_delete_user( $user_id )create_empty_blog( $domain, $path, $weblog_title, $site_id = 1 )Functions We Didn’t Mention
Do You Even Need to Localize Your App?How Localization Is Done in WordPressDefining Your Locale in WordPressText DomainsSetting the Text DomainPrepping Your Strings with Translation Functions__( $text, $domain = “default” )_e( $text, $domain = “default” )_x( $text, $context, $domain = “default” )_ex( $title, $context, $domain = “default” )Escaping and Translating at the Same TimeCreating and Loading Translation FilesOur File Structure for LocalizationGenerating a .pot FileCreating a .po FileCreating a .mo FileGlotPressUsing GlotPress for Your WordPress.org Plugins and ThemesCreating Your Own GlotPress Server
TermsOrigin Versus EdgeTestingWhat to TestChrome Debug BarThe WordPress Site Health ToolApache BenchSiegeW3 Total CachePage Cache SettingsMinifyDatabase CachingObject CacheCDNsGZIP CompressionHostingWordPress-Specific HostsRolling Your Own ServerSelective CachingThe Transient APIMultisite TransientsUsing JavaScript to Increase PerformanceCustom TablesBypassing WordPress
Choosing a PluginWooCommercePaid Memberships ProEasy Digital DownloadsPayment GatewaysMerchant AccountsSetting Up SaaS with Paid Memberships ProThe SaaS ModelStep 0: Establishing How You Want to Charge for Your AppStep 1: Installing and Activating Paid Memberships ProStep 2: Setting Up the LevelStep 3: Setting Up PagesStep 4: Choosing Payment SettingsStep 5: Choosing Email SettingsStep 6: Choosing Advanced SettingsStep 7: Locking Down PagesStep 8: Customizing Paid Memberships Pro
Mobile App Use CasesNative and Hybrid Mobile AppsWhat Is a Native Mobile App?What Is a Hybrid Mobile App?Why Hybrid over Native?CordovaIonic FrameworkApp WrapperAppPresser
PHP LibrariesImage Generation and ManipulationPDF GenerationGeolocation and GeotargetingFile Compression and ArchivingDeveloper ToolsExternal APIs and Web ServicesElasticsearchElasticPress by 10upGoogle VisionGoogle MapsGoogle TranslateTwilioOther Popular APIsMigrationsHost MigrationsPlatform MigrationsCreate a Data Mapping Guide
Where We’ve BeenThe REST APIWordPress Plugins Will Focus More on APIsHeadless WordPressGraphQLGutenbergThe Administrator Interface Will Move to React/GutenbergGutenberg Will Power a Frontend Editing Experience for WordPressBlock Templates Will Replace ThemesBlocks Will Replace PluginsWordPress Market Share Will Increase and DecreaseWordPress Will Become a More Popular Platform for Mobile DevelopmentWordPress Will Continue to Be Useful for Developing Apps of All Kinds

Content preview from Building Web Apps with WordPress, 2nd Edition

Chapter 1. Building Web Apps with WordPress

This book will help you build anything with WordPress: websites, themes, plugins, web services, and web apps. We chose to focus on web apps because you can view them as super websites that make use of all of the techniques we will cover.

There are many people who believe that WordPress isn’t powerful enough or meant for building web apps; we’ll get into that more later on. We’ve been building web apps with WordPress for many years and know that it’s absolutely possible for you to use it to build scalable applications.

In this chapter, we start by defining what web app’s are and then cover why WordPress is a great framework for building them. We also describe some situations in which using WordPress wouldn’t be the best way to build your web app.

What Is a Website?

You know what a website is: a set of one or more web pages, containing information, accessed via a web browser.

What Is an App?

We like the Wikipedia definition: “Application software (app for short) is software designed to perform a group of coordinated functions, tasks, or activities for the benefit of the user.”

What Is a Web App?

A web app is just an app run through a web browser.

Note that with some web apps, the browser technology is hidden—for example, when you’re integrating your web app into a native Android or iOS app, running a website as an application in Google Chrome, or running an app using Adobe AIR. However, inside these applications, there is still a ...