Upload
susanwrotethis
View
447
Download
2
Embed Size (px)
Citation preview
KICKING THE TIRESA LOOK AT SELECTING PLUGINS WISELY
Susan WalkerMarch 17, 2016
“I LOOK AT THE RATING AND THE NUMBER OF DOWNLOADS. ISN’T THAT ENOUGH?”
Some Random Dude
KICKING THE TIRES
KICKING THE TIRES
WELL, IT’S A START.
Accessibility PHP ErrorsHTML Validation
Mobile Friendliness
Download TimeSEO
Friendliness
Browser Support
Minified Files
Memory Usage
WordPress APIsSecurity PracticesCSS
RulesJavaScript Errors
Plugin Conflicts
QueriesUX
Caching Translation
s
KICKING THE TIRES
There are a LOT of best practices to aim for.
WELL, IT’S A START.
“THIS IS OVERWHELMING. WHERE DO I EVEN START?”
Dazed and Confused
KICKING THE TIRES
KICKING THE TIRES
DEFINE WHAT YOU NEEDFirst, clarify what you need in a plugin — the necessary features, the optional ones and those that are undesirable.
KICKING THE TIRES
DEFINE WHAT YOU NEEDBe realistic. We all hope to find that one perfect plugin …
KICKING THE TIRES
DEFINE WHAT YOU NEED… but what we end up with will invariably be more modest.
KICKING THE TIRES
DEFINE WHAT YOU NEEDOften the goal is to recognize and avoid the worst clunkers.
KICKING THE TIRES
AUDITED PLUGINS
Here are a couple of sites with lists of plugins that have been tested thoroughly by others.▸ Tidy Repo
tidyrepo.com▸ Sites
sites.usa.gov/plugins/
“THESE SITES ARE AWESOME, BUT I DIDN’T FIND WHAT I NEED. WHAT DO I DO?”
Perplexed in Philly
KICKING THE TIRES
KICKING THE TIRES
START SEARCHING
▸ Search the repository using different terms
▸ Do a Google search▸ Read “best of” lists and
plugin comparisons▸ Check professional forums▸ Ask colleagues
KICKING THE TIRES
START SEARCHING
Production web sites are like fingerprints; no two are exactly alike. The ideal solution for someone else’s web site may not be what’s best for you.
Assuming you’ve found a few possible candidates, it’s time to look at them more closely.▸ Search the plugin name + the words “error”, “bug”,
“issue” and “plugin conflict”▸ Search the plugin name + the word “security”▸ Read the tickets on the plugin support forum▸ Get an idea of how often the plugin is updated
KICKING THE TIRES
DIG DEEPER
KICKING THE TIRES
NOW TRY IT OUTInstall and activate the plugin on a test site before you try it on your production web site. Make notes (a sample worksheet is available from susanwrotethis.com):▸ What interface elements does it add to admin?▸ What does it output on the front end?▸ How well does it perform?▸ Are there any other considerations?
KICKING THE TIRES
NOW TRY IT OUTTake the time to add lots of content and work through your best guess for settings.
KICKING THE TIRES
NOW TRY IT OUTSolicit the help of the site’s users if you can. If you do, assign them specific tasks to perform, with a minimum number of repetitions. When you simply ask them to log in and look at a new feature, looking is all they’re likely to do.
KICKING THE TIRES
NOW TRY IT OUTTest the plugin with different user roles. An Administrator account may see something entirely different from an Author account.Plugins with custom capabilities may default to very strict access or very broad access. If you don’t check you can create user access problems or open up a feature to anyone.
KICKING THE TIRES
NOW TRY IT OUTDoes the plugin have too many settings to manage easily?
KICKING THE TIRES
NOW TRY IT OUTDoes the admin interface confuse your users during testing?
KICKING THE TIRES
TEST PLUGINS WITH PLUGINS▸ Plugin Performance Profiler
Reports on how plugins impact page performance▸ Plugin Profiler
Reports on plugin performance times▸ Query Monitor
Identifies queries, HTTP requests, PHP warnings▸ Plugin Inspector
Looks for vulnerabilities and deprecated code
KICKING THE TIRES
TEST PLUGINS WITH PLUGINS▸ Plugin Security Scanner
Checks plugins against the WPScan Vulnerability Database
▸ WP HookerReports on which hooks are firing, with time from start
▸ What’s RunningLists require() calls made in a page
▸ Get OptionsRetrieves and lists all the options for a site
“THAT’S A LOT OF TESTING. ARE WE DONE YET?”
Some Other Guy
KICKING THE TIRES
KICKING THE TIRES
TEST WITH EXTERNAL TOOLS▸ WebPagetest, www.webpagetest.org
Tests web site performance ▸ W3C Validator, validator.w3.org
Checks your web page for valid HTML code▸ CSS Lint, csslint.net
Analyzes CSS code quality▸ JS Lint, www.jslint.com
Reports on JavaScript code quality
KICKING THE TIRES
TEST WITH EXTERNAL TOOLS▸ WAVE Web Accessibility Tool, wave.webaim.org
Tests pages for accessibility compliance ▸ Mobile Emulator, mobiletest.me
Lets you see how pages look on different devices▸ SEO SiteCheckup, seositecheckup.com
Analyzes pages for search engine optimization▸ PHP Code Checker, phpcodechecker.com
Examines PHP code
KICKING THE TIRES
DON’T FORGET THE BASICS▸ Chrome console
Especially helpful detecting JavaScript errors▸ Link checkers
Look for 404 errors generated by the plugin▸ Google Webmaster Tools
On production it’s useful identifying subtle issues▸ WP_DEBUG
Enable this in wp_config.php to display PHP errors
KICKING THE TIRES
UNDERSTAND THE LIMITSThere’s only one way to be sure what a plugin really does.
KICKING THE TIRES
LOOK IN THE CODEDownload and unzip a copy of the plugin. Check out the readme.txt file and any other text files with plugin info.Running a series of text searches for common keywords in the code files can tell you a lot, even if you don’t know code.
KICKING THE TIRES
LOOK IN THE CODEnew WP_Query is used in custom queries of the posts table and is normally related to the display of content.$wpdb-> shows up when a custom query of the database is in the code.CREATE TABLE (case insensitive) indicates that one or more tables is being added to the database.
KICKING THE TIRES
LOOK IN THE CODEwp_enqueue_ indicates script or CSS files are being added.wp_schedule_ functions are called to add cron jobs.register_ creates something that will be used elsewhere; examples include register_sidebar, register_post_type and register_taxonomy.
KICKING THE TIRES
LOOK IN THE CODEadd_ comes up in many different contexts:add_option adds a new entry to the options table.add_meta adds a new entry to the postmeta table.add_menu_page adds a page to the admin menu.add_cap adds a capability to a role or a specific user.add_shortcode creates a new shortcode.
KICKING THE TIRES
LOOK IN THE CODEMost of the common keywords in WordPress function names have corresponding functions to undo something:wp_dequeue_wp_unschedule_unregister_ or deregiser_delete_ or remove_
KICKING THE TIRES
LOOK IN THE CODESix of the most powerful functions in WordPress involve actions and filters. These can be used to modify not only WordPress core behaviors but modify other plugins as well.
KICKING THE TIRES
LOOK IN THE CODEadd_action lets you add functionality to a code sequence.remove_action allows you to remove functionality.do_action is the point when that functionality executes.add_filter allows you to add functions to modify output.remove_filter allows you to remove modification functions.apply_filters is when the modifications are applied.
“PLEASE PLEASE PLEASE DON’T MAKE ME LOOK AT ANY MORE CODE THINGIES.”
Gnosiophobe
KICKING THE TIRES
KICKING THE TIRES
DON’T PANICIt’s OK, the code went away. Pause and catch your breath.
KICKING THE TIRES
FINALLY, UNINSTALLDid it leave a lot of garbage behind? Things to look for:‣ Orphaned tables‣ Custom roles and capabilities‣ Custom post types and postmeta‣ Options‣ Files‣ Cron jobs
KICKING THE TIRES
POSSIBLE OUTCOMES1. You found at least one suitable plugin.2. You didn’t find a suitable plugin, in which case you
have to build your own or hire a developer.3. You found a plugin with minor issues that its
developer may be able to resolve.4. You found a plugin that will partially suit your needs
and that you can extend with action and filter hooks.
5. You realize you had a bad idea, and you drop it.
KICKING THE TIRES
POSSIBLE OUTCOMES1. You found at least one suitable plugin.2. You didn’t find a suitable plugin, in which case you
have to build your own or hire a developer.3. You found a plugin with minor issues that its
developer may be able to resolve.4. You found a plugin that will partially suit your needs
and that you can extend with action and filter hooks.
5. You realize you had a bad idea, and you drop it.
KICKING THE TIRES
POSSIBLE OUTCOMES1. You found at least one suitable plugin.2. You didn’t find a suitable plugin, in which case you
have to build your own or hire a developer.3. You found a plugin with minor issues that its
developer may be able to resolve. 4. You found a plugin that will partially suit your needs
and that you can extend with action and filter hooks.
5. You realize you had a bad idea, and you drop it.
KICKING THE TIRES
HELP DEVELOPERS HELP YOU
When you find bugs or coding errors, report them on the plugin’s support forum. Include as much data as possible, including the plugin version and WP core version, whether you’re on multisite and whether WP_DEBUG is enabled.Try to rule out the theme or another plugin as a possible source of a problem.If there are specific code errors, the exact error, including the file and line number if provided, can speed up resolution of a support ticket.
KICKING THE TIRES
HELP DEVELOPERS HELP YOU
Taking the time to provide courteous, factual information about your problem can gradually build a positive working relationship that benefits you, the developer and other users of the plugin.
“NOW ARE WE DONE?”
It’s Thursday and I Missed My Nap
KICKING THE TIRES
YES, WE ARE. THANK YOU!
Susan Walkersusanwrotethis.com@susanwrotethis
KICKING THE TIRES
IMAGE CREDITS‣ Cover Slide: tire by Grimm Pics
https://flic.kr/p8PybuA, CC BY 2.0
‣ Slide 7: Neuschwanstein by Paula Funnellhttps://flic.kr/p/dbjzny, CC BY-NC-ND 2.0
‣ Slide 8: Craftsman House, Wallingford by brewbookshttps://flic.kr/p/njQ5f, CC BY-SA 2.0
‣ Slide 9: Fixer-upper (Abandoned Homestead) by J.N. Stuarthttps://flic.kr/p/4KsDZh, CC BY-NC-ND 2.0
‣ Slide 10: Ruby red pens by Marcin Bajerhttps://flic.kr/p/87dMAs, CC BY-NC 2.0
KICKING THE TIRES
IMAGE CREDITS‣ Slide 12: 51 by Sergey Norin
https://flic.kr/p/7EA74a, CC BY 2.0
‣ Slide 13: Fingerprint by Angelo Pereirahttps://flic.kr/p/3KjRyr, CC BY-NC-ND 2.0
‣ Slide 19: Switches by Jol Itohttps://flic.kr/p/KG5Te, CC BY 2.0
‣ Slide 20: Confused by Sarahhttps://flic.kr/p/6eBt8y, CC BY 2.0
‣ Slide 27: Rube Goldberg Machine by Jeff Kubinahttps://flic.kr/p/qCoDG, CC BY-SA 2.0
KICKING THE TIRES
IMAGE CREDITS‣ Slide 36: Chiaroscuro Guinea Pig by TRONOSKI Photography
https://flic.kr/p/bkQ2f3, CC BY-NC-ND 2.0
Creative Commons image licenses at creativecommons.org/licenses/.