Post on 28-Jan-2015
description
WordPress 3.0
Andrew NacinWordPress Core Developer
twitter @nacin web andrewnacin.comemail andrewnacin@gmail.com
Make sure WP_CACHE is true. Props nacin.
PHP 5.22011 Q2
WordPress 3.2
In nine weeks,WordPress 3.0
was downloaded12,654,147 times
http://wordpress.org/download/counter/
WordPress powers8.5 percent of the web
Acquia
WordPress is a CMS
Custompost types
Customtaxonomies
Theme development
The mergeof WPMU
Why WordPress is a CMS3.0
Custompost types
Customtaxonomies
Theme development
The mergeof WPMU
Why WordPress is a CMS
blogsite
a post type isa content type
What can post types be used for?
Everything.
Core post types
PostsPages
AttachmentsRevisions
Menu Items
They are your content and storage.
• Blog• Articles• News Releases• Portfolio• Products• Newsletter• Events• Tweets
• Employees• My Reading List• Documentation• Forums• Menu Items• Uploads• Logging• Revisions
Why?
Some use cases are obvious.• Articles, Newsletters, Portfolio, Events
Some are not.• Logging, Menu items
Leverage what WordPress does best
Performance• No direct queries• Utilize caching• Extremely light• Scalability
Ease• Full API• Full admin UI• Use existing
features• Why reinvent the
wheel?
Leverage existing features
What can posts have?• Title, content, excerpt• Author• Categories, tags• Revisions• Comments, Pingbacks• Thumbnails• Attachments• Custom fields (meta)
What can you leverage?• Templating• URL Rewriting• WP_Query• Capabilities• Admin UI, meta boxes• Feeds
Let’s put it togetheradd_action( 'init', 'my_employees_init' );function my_employees_init() {
register_post_type( 'my_employee', array( 'labels' => array(
'name' => 'Employees','singular_name' => 'Employee' ),
'public' => true, 'show_ui' => true, 'rewrite' => array( 'slug' => 'team' ), 'query_var' => 'team', 'hierarchical' => false, 'supports' => array(
'title', 'thumbnail', 'editor', 'excerpt' ),) );
}
What’s it look like?
Editing me
Let’s create a quick templatequery_posts( array('post_type' => 'my_employee') );if ( have_posts() ) :
while ( have_posts() ) : the_post();
echo '<h2><a href="' . get_permalink() . '">' .
get_the_title() . '</a></h2>';the_post_thumbnail();the_content();echo '<p>Read posts by ';the_author_posts_link();echo '</p>';
endwhile; endif;
Done.
/team//team/andrew-nacin//blog/author/andrew-nacin/
(excuse my CSS)
Custom taxonomiesdescribe your content.
Core taxonomies
Post TagsCategories
Link CategoriesMenus
They describe your content.
The difference between tags and categories is hierarchy.
• Topics• People• Cities
• Cities– Content: Travel blog
• Cuisine– Content: Restaurants
• Songs– Content: Concerts
• Actors, Directors, Producers– Content: Movies
Custom taxonomies are not new
• Database schema — WP 2.3, Sept. 2007• Custom taxonomies — WP 2.5, March 2008• Partial UI — WP 2.8, June 2009
• In WP 3.0 — full custom UI implementation
So basically, they’re now on steroids.
Specialties taxonomy
register_taxonomy( 'my_specialties', 'nacin_employee', array('labels' => array(
'name' => 'Specialties', 'singular_name' => 'Specialty' ),
'public' => true,'show_ui' => true,'query_var' => false,'rewrite' => false,'hierarchical' => false,
) );
Edit screen
'hierarchical' => 'false'
'hierarchical' => 'true'
WordPress 3.0 makestheme development and
customizations easier.
• Admin UI screenshot
How?
In our theme functions.php:
function my_theme_setup() {add_custom_background();
}add_action( 'after_setup_theme', 'my_theme_setup' );
1234
function my_theme_setup() {add_custom_background();define( 'NO_HEADER_TEXT', true );define( 'HEADER_IMAGE_WIDTH', 940 );define( 'HEADER_IMAGE_HEIGHT', 198 );define( 'HEADER_IMAGE', '%s/images/default.jpg' );add_custom_header( 'my_theme_header_style', 'my_theme_admin_header_style' );register_default_header( array(
'default' => array('url' => '%s/images/default.jpg','thumbnail_url' => '%s/images/default-
thumb.jpg', 'description' => 'Default Header' ),) );
}add_action( 'after_setup_theme', 'my_theme_setup' );
234567
8910111213
Custom Header, cont.
function my_theme_admin_header_style() {echo '#headimg { height: ' . HEADER_IMAGE_HEIGHT . 'px; width: ' . HEADER_IMAGE_WIDTH . 'px; }';
}function my_theme_header_style() {echo '#header { background-image: url(' . header_image() . '); }';
}
12
345
6
Menus
• Screenshot of menu admin
In our theme functions.php:
function my_theme_setup() {add_custom_background();add_custom_header( 'my_theme_header_style', 'my_theme_admin_header_style' );// ...register_nav_menu('header', 'Primary Navigation');
}add_action( 'after_setup_theme', 'my_theme_setup' );
In our theme header.php:
wp_nav_menu( array( 'theme_location' => 'header' ) );
1234
567
Menus
• Screenshot of menus in Twenty Ten
Evolving Theme Development
get_template_part()It’s basically include() on steroids.
Example:get_template_part('loop', 'archive');
Process:• Check for loop-archive.php. Check the
child theme first, if applicable.• Otherwise, check for loop.php.
Less Redundancy FTW.
get_template_part('header', 'home');
Is like calling:
get_header( 'home' );
Same deal: header-home.php,then header.php.
What’s with the theme improvements?
In 3.0, we weretheme developers.
Kubrick!
Twenty Ten
Power one site or 10 million.
WordPress Multisite
• The WPMU fork was merged• Massive merge sprint, followed by cleanup• Terminology/concept nightmare• TODO: Network admin UI improvements• TODO: Easier to manage, use, and install (in
that order
Oh no, please don’t.
define( 'WP_ALLOW_MULTISITE', true );
Only if you insist.
A new Network Admin
• New MU screen
Other cool features
• Pick a username/password during install• comment_form() and wp_login_form()
• Stronger authentication security by default• Bulk update plugins and themes• “Search Engines Blocked”• Rewritten initialization code
Follow along
• #wordpress-dev on freenode.net• http://wpdevel.wordpress.com• http://core.trac.wordpress.org• wp-svn – mailing list for commits• wp-hackers – plugin and core developers• wp-testers
What might be next
• Column sorting and a more AJAX feel• More features for custom post types and custom
taxonomies• Support for custom comment types• Better support for custom post statuses• Media/upload overhaul• Incremental admin, DRY, UX changes• Incremental improvements to multisite• Links as a post type• Roles/capabilities overhaul
Our philosophies.
codex.wordpress.org/Release_Philosophy
Decisions, not options.
Preferences have a cost.
• Too many means you can't find any of them.
• They damage QA and testing.
• They make good UI difficult.
• They confuse users.
Do something specific and do it well.
Defaults that work will lead the UI in the right direction.
The quality of an interface design is
inversely proportional to the number of designers.
If you're too lazy to do the homework and think through the big-picture rationale, I'm too lazy to
add the feature.
In the presence of good rationale, maintainers
should be willing to change their mind often.
Let’s talk security.
Qualys BlindElephant
BlindElephant is a web application fingerprinter.
Drupal, Joomla!, Liferay, Mediawiki, Moodle, MovableType, osCommerce, phpBB, phpMyAdmin, phpNuke, SPIP, WordPress
Versions < 1.0.15 and < 1.5.17 are critically insecure. Version 1.5.17 was released 3 months ago.
Percentage of installs running a critically insecure version?
JOOMLA 1.5.20
96 percent
Versions < 5.22 and < 6.16 are critically insecure. Version 6.16 was released in March. Versions 6.18 and 5.23 were critical security fixes released last week.
Percentage of installs running a critically insecure version?
DRUPAL 6.19
69 percent (and up)
Versions < 2.5.1 are critically insecure. (Released in April 2008.)
Versions < 2.8.3 are insecure. (August 2009.) Percentage of installs running a critically insecure version?
WORDPRESS 3.0.1
4 percent
Shared hosts suck.
security@wordpress.org
pre-release candidates for 3.0 were downloaded
75,000 times
QUALITY ASSURANCE
Questions?
twitter @nacin web andrewnacin.comemail andrewnacin@gmail.com