[wp-hackers] Is there a plugin-writers guide that discusses
security and other recent changes?
davebytes at comcast.net
Tue Feb 13 17:56:12 GMT 2007
With concepts like:
- the right way to do user access checks (preventing access to a
particular plugin, or plugin's options, for example)
- when and how to use Nonces for admin panel security (for people like
me with extensive custom plugin management pages, forms, etc...)
- how to best implement simple options (a few checkboxes) versus custom
options (like my cg-amazon management interface, search, add, remove, etc.).
I need to update all my plugins, would like to make sure I'm hitting ALL
the 2.0.x and 2.1.x enhancements to security (and any other
functionality). I've seen docs with some mention of what plugins need
to do to support the newest WP releases (table name changes, global
changes, etc.), but certainly not wide enough coverage of bringing 1.x
plugins fully up to spec with say 2.1... ;)
Not to mention that I should change some of my plugins from storing
on-disk to saving into the db options field (which will remove some
headaches from install, I think...).
More information about the wp-hackers