[wp-hackers] Fwd: [GSoC - 2014] Introducing Myself

Ian Dunn ian at iandunn.name
Tue Mar 11 17:29:19 UTC 2014

On 3/10/14, 12:27 PM, Deven Bansod wrote:
> Meanwhile, I have prepared a rough application draft for the Project
> Description on my blog.

Thanks Deven, this looks good :)

Here's a few things to take into consideration:

* Because the plugin will use custom post types, it's not necessary to 
bulid a custom CSV exported. WordPress' export tool will already 
recognize the data and is able to export it just like it would with 
standard posts and pages.

In general, it's always best if you can leverage Core's API to do 
something in a standard way, rather than reinventing the wheel.

* JavaScript can be used for data-validation on the client-side, to give 
the user immediate feedback when they enter something invalid, but it's 
important to remember that it also needs to be validated on the 
server-side, since nothing on the client side can be trusted from a 
security standpoint.

Validating on the client side is optional and improves UX, but 
validating on the server side is mandatory to prevent things like SQL 


* It's important to use gender-neutral language. The WordPress community 
has a very high percentage of women involved at all levels, and using 
only masculine pronouns can be unintentionally dismissive and exclusive.

I'm sure that you didn't mean anything like that; it's a hard habit to 
get out of and something I catch myself doing too. But it's important 
that we encourage each other to be more inclusive and keep each other 

More background info and alternatives are available at 

Other than that, your proposal looks good and is on the right track. If 
you haven't already, just make sure you're following the other 
discussions about the Forms project on wp-hackers and #wordpress-gsoc so 
that you can learn from them as well.

I also noticed you've got a few plugins in the wordpress.org repository, 
which is great! That'll give you valuable experience and help you get 
started quicker if your proposal is accepted. I took a quick look at 
them and have a few suggestions:

* Instead of echo'ing HTML via PHP, you can close the PHP tag and output 
the HTML raw, with PHP tags inserted as needed. That makes it much 
easier to read.

For example: 

* Rather than issuing SQL queries directly, you can almost always 
achieve the same results with the WordPress API. For example, 
get_posts() instead of SELECT * FROM $wpdb->posts.

That is generally easier, more performant, more secure and more 

http://codex.wordpress.org/Function_Reference can be helpful to get an 
learn what's available to you.

* It's important to use meaningful variable names. Names like $a and $r 
require anyone reading the code to go through it line by line to figure 
out what it's doing, rather than it being obvious.

* It's best to follow the WordPress coding standards at 
http://make.wordpress.org/core/handbook/coding-standards/ so that your 
code is consistent with the rest of the community.

Thanks for the work you've put into your proposal and plugins, and good 
luck with the process. Let me know if there's anything I can do to help.

More information about the wp-hackers mailing list