[wp-docs] Validation Error with Plugins Might Need Attention in Codex

Owen Winkler ringmaster at midnightcircus.com
Wed Mar 9 22:23:54 GMT 2005

Should there be a warning about it in the Plugin pages?  Sure, but I 
wouldn't make a huge issue of it.  As I said, there isn't much cause to 
use sessions in WordPress plugins anyway.  Add a note to the Writing 
Plugins page about it, add some info in a related FAQ about it, move on.

!!!Using PHP Sessions
Please avoid using PHP session statements in your plugins (like 
<code>session_start()</code>) because the output that PHP produces for 
browsers that don't support cookies will break XHTML validation on a 
WordPress site with the plugin activated.

> Does this error cause harm to the site or content?  It is just annoying to
> me, but what do I know?

It can cause your site not to validate.  If we're predicating getting 
theme/CSS assistance in the forums on whether the site's code validates, 
then this would be an issue.  Otherwise, not much damage is usually 
caused by breaking XHTML a little here and there.  Usually this 
particular issue doesn't break layouts visually, and isn't even detected 
until you try to validate the page.

If a user discovers that one of their plugins causes their site to 
produce invalid XHTML/HTML output, they should disable that plugin and 
email the plugin author about the issue or if the plugin is in the 
repository, submit a ticket in the wp-plugins.org issue tracker.  This 
advice would be the same for any plugin that breaks a site.

> In the article  at
> http://blog.crispen.org/archives/2005/03/09/wordpress-validation-error-work-around/ 
> he has a work around, but he calls it dangerous.  I wouldn't know dangerous
> workaround if it bit me in a private part.  Is it?  

Well, the first "workaround" is to disable the offending plugins, which 
is just what I suggested.  This has an obvious downside, but only the 
site operator can determine which is more important, validation or that 
plugin's operation.

The second workaround seems reasonably safe, but it'll most likely have 
an odd effect on plugins that rely on sessions and process hits from 
browsers that don't accept cookies.  He says he only knows of one such 
plugin, and he found a replacement for it.

Short answer: No, not dangerous, but the plugin that uses it probably 
won't work as expected if you apply this "fix".  Better to find a 
different plugin that does the same thing or petition the author not to 
use sessions.

We've now both written tons more on this issue than what Codex will need 
to contain.  :)


More information about the wp-docs mailing list