Custom WordPress Plugin

Author: Shagan Plaatjies

Table of Contents

1. Description
2. Features
3. Installation Instructions
4. Custom Fields Implementation
5. Documentation Considerations

Description

This WordPress plugin is built on Bedrock and uses Composer and for version control and Sage 10 for templating. Allows users to add and display custom fields on the front end of WordPress posts. It implements custom text, date, and image fields with user-friendly customization options for a course summary card.

Features

1. Custom fields for posts (text, date, image).
2. Front-end display of custom fields with custom post type.
3. User customization option for round and squared style elements.
4. User customization option for date format.

Installation Instructions

1. Download the plugin file from the repository's /Plugins symlinked folder.
2. Upload the plugin folder to /wp-content/plugins/ in your WordPress installation.
3. Activate the plugin through the 'Plugins' menu in WordPress.

Custom Fields Implementation

Fields Used

• Duration (Date)
• Methodology Icon (Image)
• Methodology (Select)
• Course Summary (Text)
• Border Style
• Price (Number)

Inspiration

Demo/Preview

Custom Post Type:

Custom Course-Related Fields:

Conditional Rendering Display Options

• Rounded borders + Absolute date format + button configuration.
• Squared Borders + Relative Date format + Removed Button

Implementation Details

• The plugin implements custom fields for displaying images, dates, and text.

Customization Options

• The border style field offers the choice of rounded or unrounded edges.
• Date fields allow users to select from different date formats and use different date formats.

Documentation Considerations

• Source and Plugin Version Control: Utilized Bedrock with Sage 10 and Composer for clean and maintainable source and plugin control and strict, modern configuration access control.
• WordPress Theme Customizations: Used a Child Theme to ensure customizations remain intact after theme updates.
• Plugin Repository Independence: Employed symbolic link structure to separate concerns of plugins, themes, and their host WordPress installations. This enables compatibility testing and cleaner repository creation.
• WordPress Theme Customizations: Used a Child Theme to ensure customizations remain intact after theme updates.
• Plugin Repository Independence: Employed symbolic links to make the plugin repository independent of specific websites.
• Choice of Tools: Avoided tools like Advanced Custom Fields and Custom Post Type UI plugins in favour of a manual approach.
• Plugin Implementation: Implemented as a Must-Use plugin to separate it from the theme and load it early during WordPress initialization.
• Input Sanitization: Sanitized the text fields to prevent script-injection.
• File Access Control: Employed absolute path checks to restrict PHP file access within to WordPress.
• Security Measures: Used nonce's to prevent cross-site request forgery attacks.
• Script Injection Security: Utilized esc_attr() and esc_html() functions to escape attributes and HTML text for better security, in addition to input sanitization, reducing the risk of XSS (Cross-Site Scripting) vulnerabilities.
• Translation Accessibility: Used translation functions (esc_html_e()) instead of echo, enabling translation plugin support to improve accessibility.
• Code Readability: I've formatted and split the codebase into multiple files according to WordPress best practices for streamlined collaboration.