By: Jonas Nordström, @windyjonas
Date: 2013-04-16
esc_attr( $text );
Encodes the <, >, &, " and ' (less than, greater than, ampersand, double quote and single quote) characters. Will never double encode entities.
Example:
paulund
/ wordpress-base-custom-data.php
Created
September 24, 2013 16:27
A PHP class to handle CRUD functionality in WordPress default tables.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * Abstract class which has helper functions to get data from the database | |
| */ | |
| abstract class Base_Custom_Data | |
| { | |
| /** | |
| * The current table name | |
| * | |
| * @var boolean |
jrfnl
/ wp-config-debug.php
Last active
March 13, 2025 10:13
Code to add to wp-config.php to enhance information available for debugging.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * == About this Gist == | |
| * | |
| * Code to add to wp-config.php to enhance information available for debugging. | |
| * | |
| * You would typically add this code below the database, language and salt settings | |
| * | |
| * Oh.. and *do* make sure you change the path to the log file to a proper file path on your server (make sure it exists). | |
| * |
pento
/ commercial-client.php
Created
July 2, 2013 12:29
Sample Commercial Plugin update server and client
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| * Plugin Name: Commercial Client | |
| * Plugin URI: http://pento.net/ | |
| * Description: A sample client plugin for showing updates for non-WordPress.org plugins | |
| * Author: pento | |
| * Version: 0.1 | |
| * Author URI: http://pento.net/ | |
| * License: GPL2+ | |
| */ |
strangerstudios
/ heartbeat-api-demo.php
Last active
September 5, 2024 01:39
Minimal example demonstrating the WordPress Heartbeat API being added in WP version 3.6.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| Plugin Name: Heartbeat API Demo | |
| Plugin URI: http://www.strangerstudios.com/wp/heartbeat-api-demo | |
| Description: Minimal example demonstrating the WordPress Heartbeat API being added in WP version 3.6. | |
| Version: .1 | |
| Author: strangerstudios | |
| If logged in as a user and viewing the frontend of your website, | |
| every 15 seconds you should see the following in your Javascript console: |
RalfAlbert
/ onetime_nonce.php
Last active
February 4, 2017 12:13
WordPress - onetime nonce (see: www.stephenharris.info/2013/nonces-that-are-used-only-once/ )
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| function create_onetime_nonce( $action = -1 ) { | |
| $time = time(); | |
| $nonce = wp_create_nonce( $time . $action ); | |
| set_transient( '_nonce_' . $time, 1, 60*60 ); // adjust the lifetime of the transient | |
| return $nonce . '-' . $time; | |
| } | |
| function verify_onetime_nonce( $_nonce, $action = -1 ) { | |
| @list( $nonce, $time ) = explode( '-', $_nonce ); |
annalinneajohansson
/ order_by_multiple_meta_values.php
Last active
January 17, 2018 14:40
Solution to order posts by two different meta values (the same way ORDER val1, val2 would with SQL)
http://wordpress.stackexchange.com/a/67391/5045
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /* | |
| * Solution to order first by date, then by start time (both are meta values) | |
| * http://wordpress.stackexchange.com/a/67391/5045 | |
| * */ | |
| add_action( 'pre_get_posts', 'pre_get_posts_programpunkter' ); | |
| function pre_get_posts_programpunkter( $query ) { | |
| if( !is_admin() && is_post_type_archive( 'programpunkt' ) && $query->is_main_query() ) { |
bonny
/ plugin-stats.php
Last active
December 16, 2015 07:59
WordPress Plugin Download Stats for Panic Status Board Original blog post: http://simple-fields.com/2013/status-board-panel-to-show-wordpress-plugin-downloads/
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // Read the original blog post here to understand what this is: | |
| // http://simple-fields.com/2013/status-board-panel-to-show-wordpress-plugin-downloads/ | |
| define('WP_USE_THEMES', false); | |
| define("WP_CACHE", false); // i get 404 if enabled | |
| require('../wordpress/wp-blog-header.php'); | |
| class panic_dashboard_wp_plugin_stats { |
windyjonas
/ wordpress-escaping.md
Last active
September 21, 2020 16:10
Most of the escaping functions in WordPress, with a short explanation and example.
alexkingorg
/ enqueue-heartbeat.php
Last active
December 16, 2015 04:59
WordPress 3.5 Compatible Heartbeat API Usage
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| // enqueue the script, | |
| // this fails gracefully if no 'heartbeat' script is registered | |
| wp_enqueue_script('heartbeat'); |
boogah
/ .htaccess
Created
April 12, 2013 16:49
A list of bad IPs responsible for a number of brute force attacks on WordPress, prepared as an .htaccess deny list. Just add it to your site's .htaccess rules and feel a tiny bit safer. List culled from this post by Sucuri: http://blog.sucuri.net/2013/04/mass-wordpress-brute-force-attacks-myth-or-reality.html
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # BEGIN wp-login.php blocks | |
| <Files wp-login.php> | |
| order allow,deny | |
| deny from 31.184.238.38 | |
| deny from 178.151.216.53 | |
| deny from 91.224.160.143 | |
| deny from 195.128.126.6 | |
| deny from 85.114.133.118 | |
| deny from 177.125.184.8 | |
| deny from 89.233.216.203 |