Product Management, WordPress, and some other odd things
I use Subversion externals extensively for my projects, and occasionally it’s useful or quicker to check something out without including all the externals; here’s the commandline incantation to do that:
svn checkout --ignore-externals [SVN URL] [local checkout folder]
I’m clearly in a fickle mood this month, as I’ve changed my PHP editor again, this time to Netbeans (thanks to the tireless nagging of @JJJ)… so far, so good. I particularly love being able to jump to declarations quickly and easily.
One hurdle I overcame today, and I’d be interested to know if there’s a more Netbeans-y way of doing this, is getting my beloved Xdebug clickable stack traces (see my previous post to get these working with Textmate and Sublime Text). Continue reading “Clickable stack traces with Netbeans”
I’ve been intrigued for a while by the fact the core wp_term_relationships table has a term_order column, as this hints that you could allow the user to explicitly order terms in a taxonomy. Today I did some investigation of this tantalising possibility.
My grandpa always wanted to keep bees. Or at least that’s how I remember it, him talking about it and me fascinated by the idea. For some reason the urge has resurfaced recently, and as luck would have it the local NamBeePamBee Beekeepers in nearby Scott’s Avenue Allotments have begun holding open days and now half day workshops.
Have a look at this. Ugly, isn’t it? But so so useful.
How much do we trust user input? Not. At. All. That’s how much we trust user input. You just don’t know where they’ve been!
WordPress has such a plethora of functions for escaping and filtering input and output, that I’m always discovering new possibilities. One I found recently is wp_kses, which allows you to strip out all HTML leaving only a limited set of allowed elements and attributes.
Continue reading “Filtering HTML to exclude all but a small number of HTML elements and attributes”
Yesterday I was explaining how I created a user role to edit a particular post type and only that post type. Today I want to show how you can use Mark Jaquith‘s excellent WP Help plugin to support these users. The issue I wanted to solve is that a freshly installed copy of WP Help only shows up for users with the edit_posts capability (i.e. any users who can access and edit posts on your WordPress site).
Continue reading “Extending WP Help to users who can’t edit_posts”
I’ve just had to break out some serious Capabilities in WordPress today, and I’m documenting the process here in case it helps me in the future (or the past, though it seems unlikely) or anyone else.
The scenario i: I have a custom post type (Video) and I want to allow Editors and Admins to do whatever they want with it. Contributors and Authors (and below) shouldn’t be able to do anything with Video, and I want to create a separate Video Editor role which can do whatever it wants with Video posts. Video Editors should be able to upload images to use as Featured Image for a Video post, but not, as far as possible, mess with the other images in the site.
Continue reading “Capabilities for custom post types in WordPress”
Today I found myself wanting to use a query similar to SELECT DISTINCT post_id FROM $wpdb->posts WHERE meta_key IN ( 'string_x', 'string_y', 'string_z' ), but where I needed to construct the values for the list of strings from an array of untrusted values (because we never trust inputs, we always look suspiciously on them if they’re going near the DB). Looking through the core code, it seems like there’s currently one place it does this and, while less elegant than the WPDB class prepare method it’s worth me remembering for the future, so…
Continue reading “Escaping lists of strings for SQL in WordPress”
I spy a nice opportunity to document some jQuery UI functionality I’ve been playing with this afternoon, for a soon-to-be-revealed client project. The project needs photo galleries, and as these need to be tied into the other custom post types and taxonomies, I’m quickly rolling my own so I can completely control the experience for admins and viewers. This is not so much a tutorial, as a quick glance through the code from the back of a galloping horse.
Here’s a quick screen capture of the organiser in action.
Continue reading “Dragging, dropping and sorting, with jQuery UI”