| ---------------------------------------- | |
| Perform checks as per PHPCS standard | |
| ---------------------------------------- | |
| phpcs --standard=WordPressVIPMinimum,WordPress,WordPress-Docs [File name along with full path] | |
| ------------------------------------------------------- | |
| Automatic fixes with PHPCBF standards | |
| ------------------------------------------------------- | |
| phpcbf --standard=WordPressVIPMinimum,WordPress,WordPress-Docs [File name along with full path] | |
| -------------------------------- | |
| Array/Object - If var is an array or an object | |
| -------------------------------- | |
| - is_array($testArray) | |
| - is_object($testObject) | |
| -------------------------------------------------------- | |
| Array/Object - If var is an array or object and access a particular key/property | |
| -------------------------------------------------------- | |
| - array_key_exists( "dynamic", $testArray ) // property_exists() only accepts an object or class name, so use array_key_exists() for arrays | |
| - property_exists($testObject, "dynamic") | |
| - Ex (Array) | |
| if ( is_array( $testArray ) && array_key_exists( "dynamic", $testArray ) ) { | |
| --- | |
| --- | |
| } | |
| - Ex (Object) | |
| if ( is_object( $testObject ) && property_exists( $testObject, "dynamic" ) ) { | |
| --- | |
| --- | |
| } | |
| ------------------------------------- | |
| If using WordPress built-in functions | |
| ------------------------------------- | |
| $term_by = get_term_by( 'slug', 'TAXONOMY_SLUG', $taxonomy ); | |
| if ( $term_by && ! is_wp_error( $term_by ) && $term_by->term_id ) { // get_term_by() returns false when the term or taxonomy is not found | |
| --- | |
| --- | |
| } | |
| --------------------------------------------------------- | |
| Validating, Sanitizing & Escaping | |
| --------------------------------------------------------- | |
| # It’s best to do the output escaping as late as possible, ideally as data is being outputted. | |
| $safe_zipcode = intval( $_POST['my-zipcode'] ); // casts user input as an integer | |
| $title = sanitize_text_field( $_POST['title'] ); // strips all tags, removes line breaks, tabs and extra white space | |
| echo esc_html( $content ); // use whenever an HTML element encloses a section of data we’re outputting | |
| echo esc_url( $great_user_picture_url ); // should be used on all URLs | |
| echo esc_js( $value ); // intended for inline JavaScript | |
| echo esc_attr( $stored_class ); // can be used on everything else that’s printed into an HTML element’s attribute | |
| echo wp_kses_post( $partial_html ); // allows all markup normally permitted in posts | |
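The calls above combined into one request handler, as an added example that is not part of the original gist: check the nonce, then isset(), wp_unslash() and sanitize each field on input, and escape only at the point of output. It assumes the file is loaded by WordPress; the function name, nonce action, nonce field and text domain are hypothetical.

```php
<?php
// Added example. Assumes WordPress is loaded (e.g. called from a theme template).
// example_render_profile_form, example_save_profile and example_nonce are hypothetical names.
function example_render_profile_form() {
	$errors = array();
	$title  = '';
	$zip    = 0;

	if ( isset( $_POST['example_nonce'] ) ) {
		// Reject forged or replayed submissions before reading any other field.
		$nonce = sanitize_text_field( wp_unslash( $_POST['example_nonce'] ) );
		if ( ! wp_verify_nonce( $nonce, 'example_save_profile' ) ) {
			wp_die( esc_html__( 'Invalid request.', 'example' ) );
		}

		// isset() first, then wp_unslash(), then sanitize.
		if ( isset( $_POST['title'] ) ) {
			$title = sanitize_text_field( wp_unslash( $_POST['title'] ) );
		}
		if ( isset( $_POST['my-zipcode'] ) ) {
			$zip = absint( wp_unslash( $_POST['my-zipcode'] ) );
		}

		// Validation is separate from sanitization: sanitized data can still be unacceptable.
		if ( '' === $title ) {
			$errors[] = __( 'Title is required.', 'example' );
		}
		if ( 0 === $zip ) {
			$errors[] = __( 'Zip code must be a positive number.', 'example' );
		}
	}

	// Escape late, with the function that matches the output context.
	foreach ( $errors as $error ) {
		echo '<p class="error">' . esc_html( $error ) . '</p>'; // HTML text node.
	}
	?>
	<form method="post">
		<?php wp_nonce_field( 'example_save_profile', 'example_nonce' ); ?>
		<input type="text" name="title" value="<?php echo esc_attr( $title ); ?>">
		<input type="text" name="my-zipcode" value="<?php echo esc_attr( (string) $zip ); ?>">
		<button type="submit"><?php echo esc_html__( 'Save', 'example' ); ?></button>
	</form>
	<?php
}
```

The values stay unescaped in `$title` and `$zip` until they are printed, so the same variables can later be stored or reused in a different context with that context's own escaping function.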
| ---------------------------------------------------- | |
| Whitelist VIP errors with // phpcs:ignore | |
| ---------------------------------------------------- | |
| Found an error which can't be solved due to a valid reason | |
| Ex - Using an object which has a property name starting with a capital letter | |
| $test_var = $test_object->Test_Property; // phpcs:ignore | |
| ---------------------------------------------------------------------------------------------------------------- | |
| Ref - https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards/wiki/Fixing-errors-for-input-data | |
| Ref - https://vip.wordpress.com/documentation/ | |
| Ref - https://developer.wordpress.com/themes/escaping/ | |
| Ref - https://vip.wordpress.com/documentation/vip-go/ | |
| Ref - https://code.tutsplus.com/articles/data-sanitization-and-validation-with-wordpress--wp-25536 | |
| Ref - https://codex.wordpress.org/Validating_Sanitizing_and_Escaping_User_Data | |
| ---------------------------------------------------------------------------------------------------------------- |