Here's a short and purely subjective list of bad coding paradigms that are used in Wordpress for years. Some of them are critical security issues that WP developers don't seem to care about:
- all files are stored in public directory
- access to php files in main dir and template dirs is not forbidden by default in .htaccess
- no official template engine support
- templates are written in php mixed up with html
- autoupdate installs new themes made by WP developers by default
- wp-login lacks any protection from bruteforce attacks
- no official SQLite database support
- classic editor is only available as plugin now
Fortunatelly, some of those problems can be avoided. I don't imagine using Wordpress without clean MVC template structure, Twig, SQLite (for smaller pages), denying access to everything except assets in template dir and disabling a lot of default «features» that can cause you a lot of trouble.
If you know more bad coding paradigms examples in Wordpress, feel free to share it in the comments section.
Top comments (2)
How would you attempt to migrate a platform like wordpress, with their ecosystem to a "better coding paradigm"? It's almost impossible without breaking the existing ecosystem and abandon contributors and the community (Gutenberg was quite disruptive)
While you are right with your criticism from a programmers perspective, you have to wonder why Wordpress is so successful and has such an active community (and the plugins are not only made and maintained by hobby coders who don't know better). They must doing something right and the best coding paradigms might be just opinions? (I bet they would do it different now if they start WP from scratch)
Personally I hate Wordpress, because it's getting slow really quick and you need one or another plugin if you don't just run a blog. On the other side it's great that there is a plugin for almost everything.
I like Wordpress, because the whole system of child templates and overwriting extending things is quite clever at the same time I share your criticism of mixing php and html... it's messy.
I like Gutenberg and that it's going to replace these bloated garbage website builder in themes. I think that's an improvement.
I try to avoid WP. But then I end up with it for some quick low budget things, where I forgot to add an extra fee for WP being a Pain in the Ass. :)
Wordpress is the new Joomla.
As I have said some problems can be solved and I use solutions I've described but are not officially supported by default.