This post was originally published on my blog
One of the best features of WordPress is the extendability of its functionality via plugins. It reduces the risk of directly modifying the source code in the WordPress core system or any plugin that you need to extend the functionality. There are a few facts that you need to keep in mind when developing a plugin. In this article, Let’s talk about what are those facts and how you can apply them.
Catchy Display Name
The display name is the main trademark of your plugin. It should be unique, readable, and defines what you’re going to provide. When choosing a display name, it is better to avoid names that are already trademarked.
There are certain cases that you need to create and publish plugins that extend the functionality of an existing plugin. One such case is creating a payment gateway plugin for Woocommerce. In this case, developers most of the time use the trademark “Woocommerce” in their plugin name (Example: My Payment Gateway - Woocommerce OR My Payment Gateway for Woocommerce) and that doesn’t restrict you from publishing the plugin because you don’t use the trademark for any illegal reasons.
Test up to the latest version of WordPress
Before publishing or requesting to get published, you should test your WordPress plugin with the latest WordPress version available because if the tested version is older than the latest version, then the plugin will not appear in the search results.
Data must be Sanitized, Escaped, and Validated
In order to avoid Cross-Site Scripting attacks and Man In the Middle attacks, the user input data such as POST/GET/REQUEST/FILE calls should be sanitized.
The data should be validated in order to check whether the relevant data get entered into your plugin.
In order to display correct data to your users, the data should be escaped properly. Escaping will strip out unwanted data, like malformed HTML or script tags.
Unique function names, namespaces, and class names
When developing a WordPress plugin, It is best to use unique function names, namespaces, and class names to avoid conflicts with current plugins. The WordPress Plugin Developer Documentation recommends using a prefix to every function name, variable, and class name.
Example: Let’s say you create a plugin named “The Best Plugin In the World”. You can use the prefix: “TBPW”.
Note: Don’t use two or three letter prefixes as there are nearly 100,000 Plugins in the WordPress plugin repository.
Make your plugin Translation friendly
If you have any idea to translate your plugin to one language or multiple languages, then it is better to use methods such as _()
for basic strings and _n()
for strings with pluralization.
More info on translating and internationalizing your plugin: Click Here
Disclose Third Party Services if you use any
WordPress recommends disclosing any Third-party services such as APIs you use and data that you collect inside your plugin to maintain full transparency with the end-users. You can use the readme.txt file that you use to maintain plugin details to explain the services you use.
Other things to take note of
Use if ( !function_exists() ){}
condition around your functions and if (!class_exists() ){}
condition around your classes to avoid any conflicts with other plugins.
Avoid using __
(double underscores), wp_
or _
(single underscore) for naming variables, stand-alone functions, and classes because they’re reserved for WordPress itself.
Use a banner and screenshots of your plugin to explain the features of the plugin to the user. More info on plugin assets such as banners can be found here
Those are a few of the facts that you need to consider before publishing plugins. You can refer to WordPress Plugin Handbook to learn more about not only the guidelines but also the techniques that can be used to create plugins.
Happy Coding!
Top comments (0)