How to Identify Good WordPress Plugins in 4 Easy Steps

How to Identify Good WordPress Plugins in 4 Easy Steps

Over the past few months I’ve been working with Mike Allton and Susanna Perkins on a project that will try to give info-preneurs using WordPress an edge on creating content for their audience. On one of the less busy days, I wrote the post below detailing how I choose plugins for my clients.


 

How to Identify Good WordPress Plugins in 4 Easy Steps

 

So you’ve finally decided what the focus of your website should be and are ready to set up your WordPress install. You now need to select your theme and a series of plugins to build upon the core functionality you get from WordPress out of the box. With thousands of options to choose from, getting a plugin or theme that will not blow up and bring your site down is a challenge.

There are a few steps you can follow to ensure you have good quality WordPress Plugins for your site. Even if you aren’t a developer and can’t understand a single line of code, using these guidelines as a rule of thumb will give you some level of security.

These are the steps I take when helping my clients decide whether to adopt a plugin or not.

1. Check What Others Have To Say

With close to 40,000 plugins at the time of this writing, WordPress.org offers the ability for users to rate plugins. In the early days, it was possible to select the number of stars for a plugin without commenting on it. To make things fair for authors, people now have to state why they are casting their votes and the authors have the chance to defend themselves, if needed. Plugins with too many low-star ratings should raise a red flag, as long as the comments actually make sense. Be careful of detractors that are only out to troll authors without actually trying to provide constructive criticism.

2. Authors Should Provide (Fast) Support

WordPress.org also offers support forums where users can ask authors for help. Some authors choose to provide support on their own sites. Personally, I think this is valid for paid plugins, but free plugins support should be kept where the free plugins are downloaded. Look for how many resolved topics there are in the recent past, and the time it takes for authors to reply. Authors get notified of new topics immediately, and should have a good reason to not reply within a reasonable time frame.

3. Plugins/Themes Should Be Updated Frequently

Let me take a poetic license here… Code is a Living Entity. There’s seldom such a thing as writing a plugin and never touching it again. It is virtually impossible for any piece of code to not need updates from time to time. With the wide variety of environments out there, there’s bound to be a scenario where a bug patch is needed. Also, WordPress.org is always releasing new updates to the core, and plugins and themes need to keep up. The plugin page will tell you when it was last updated, and up to which version of WordPress it has been tested with.

4. Check For Coding Best Practices

Granted, this part is a bit harder to do if you are not a developer. There are, however, a few things you can look for to identify a well written piece of software. You can find the source code in the “Developers” section of the plugin page in WordPress.org.

Code is like a house – Keep it clean or it’ll become full of bugs. Proper spacing and indentation helps developers to easily understand what each part of the code does, as well as the intention of the previous developer when writing that piece. Another thing that helps understand code is commenting. If you look at the core WordPress files, you’ll see that they went to great lengths to properly document what each piece should do. No author remembers EVERYTHING they had in mind when writing code. If they say they do, run away – they’re either lying or they’re dangerously smart and might try to take over the world.

Object Oriented code is a Good Thing– Gone are the days when people could write code without structure. If you see words like class, static, public, private, protected, or extends, it is quite likely that the developer knew what s/he was doing. For the simpler plugins, this might be overkill as it usually comes hand-in-hand with more files and folders and it might be like killing a fly with a shotgun, but the danger of PHP is that it is so easy to use that it becomes easy to write BAD code.

Closing PHP tags are tricky – PHP comes with open and close tags, <?php and ?> respectively. Any white space after a close tag will be rendered by the web server, many times prematurely. If you see errors such as ‘headers already sent’, the culprit is likely to be white space after a closing PHP tag. Using closing tags at the end of a PHP file is not only unnecessary, but frowned upon. It’s better to see a comment indicating the end of file, than an actual closing tag.

Code should be tested – There are several techniques to test software. WordPress comes with a suite of test files that run via phpunit, a robust PHP testing tool. Plugins and themes should be tested, too. Look for a directory called ‘test’, or simply ‘t’ containing at least one PHP file.

Conclusion

Even if you follow all of these steps to the letter, you might still come across a bug. However, it is much less likely to happen and, if it does, you should be able to get fast support from the author. After all, you did follow step 2, right?

Important Changes to USC Plugin Sales and Support

When I started selling WordPress plugins at UseStrict Consulting, I planned to provide life-time updates and free support for all. As it turns out, there are a few fundamental flaws with this business model:

  1. There’s no control over unauthorized copies;
  2. Providing free support takes time away from coding new and exciting things;
  3. There is no business growth;

Over the following weeks, I will be implementing a plugin licensing system, and support will be provided to subscribers only. I believe this will be a win-win situation, as I will be able to provide (even) faster support and better plugins.I’m still studying how to handle old clients, and will post updates as soon as I have more information.Cheers,
Vinny

MVC Starter Plugin for WordPress: Parent Class Overview

Inheritance with MVC Starter Plugin for WordPress

Except for Models, all classes in MVC Starter Plugin for WordPress are extensions of the Parent Class, defined in plugin-name.php. This makes it possible to call methods like load_lib() from anywhere in the child classes. This is important also because MVCSP works with singletons whenever possible.

Yes, I’m aware of the war regarding singletons, but when you look at debug logs and see that WordPress reloads your plugin at least twice in some cases, you really want to make sure that you’re not doing things more often than you should. If you still want to avoid singletons in load_lib(), you can. Refer to the section on that method to know more.

Support for PHP < 5.3

MVC Starter Plugin for WordPress comes with a bootstrap() method that instantiates/serves singletons. It relies on the native function get_called_class(), which was made available in PHP version 5.3. For those few who still run on PHP 5.2 and under, I strongly recommend that you have your hosting company upgrade or switch hosting companies to a more serious one. If that’s not a possibility, you can still use this Starter Plugin because it implements its own get_called_class() if the native one doesn’t exist. Like all methods, it is slower than native calls, so it really is better if you upgrade to a modern PHP version.

Best practices

In order to keep my code easily maintainable, I tend to follow these guidelines:

  • Place add_action and add_filter calls in the __construct() of Controllers
  • Make sure to check that admin-related logic is indeed running under the admin with checks to parent::is_admin().
  • Do the same for front-end logic, checking that parent::is_admin() is false.
  • Avoid having calls to non-controller methods inside the Parent Class constructor, with the odd exception of an abstract class that needs to be loaded beforehand.
  • NEVER have a closing PHP tag at the end of any file. Nobody likes to deal with “headers already sent” errors caused by extra space or newlines that shouldn’t be there. Instead, use a comment to indicate that the file has finished.
/* End of file file-name.php */
/* Location: plugin-dir/file-name.php */

Let me know if there are any other best practices you’d like me to add here.

MVC Starter Plugin for WordPress: Set Up

Template Variables

After you download the MVC Starter Plugin for WordPress, you’ll need to replace a few template variables across all existing files with values of your choosing. They are:

PLUGIN_NAME, PLUGIN_DESC, PluginClass, and <plugin-dir>

  • PLUGIN_NAME: The actual name of your plugin. This will appear in the Installed Plugins screen and in the Admin -> Settings submenu.
  • PLUGIN_DESC: The description of the plugin. This will appear in the Installed Plugins screen.
  • PluginClass: The overall class of your plugin. MVCSP is Object Oriented and all Controllers, DAOs, and Views should extend the parent class.
  • <plugin-dir>: MVCSP borrowed the end-of-file style from CodeIgniter, in the sense that it does not close PHP tags but instead has a comment to indicate that the file is not truncated. The <plugin-dir> tag is only used as part of that comment.

The Set-Up Helper Script

There are several methods to replace the template variables with your desired values. I personally like to use grep or find piped into a Perl one-liner. To make things easier, I included a setup.pl script which takes a few parameters and runs some shell commands in the background. This only works for people using Mac or Linux machines, or probably Windows with Cygwin (not having used Windows in years, I haven’t had a chance to test it). Run it without any parameters and this is what you get:

Usage: perl ./setup.pl --long-name="The Plugin Name" --desc="Full Plugin Description" --class-name="DesiredPHPClassName"

All 3 parameters are required. Use a valid class name or your plugin will throw an error during activation.

The parameters are self-explanatory.

Note: Once you’ve run the setup.pl script, the file plugin-name.php will be renamed to whatever name of the domain is. So suppose you extract the Starter Plugin zip file contents in to a directory called my-plugin, the file plugin-name.php will be renamed to my-plugin.php. WordPress will then have my-plugin/my-plugin.php as the plugin signature.

That’s all there is to setting up the Starter Plugin. You can now activate it in your Admin -> Installed Plugins.

If you want to set up your plugin to run tests, refer the Running Tests section.

MVC Starter Plugin for WordPress

A Little Background

This is the seventh anniversary of UseStrict Consulting. It was born out of my passion for Perl, long before I ever thought of writing plugins for WordPress.

A lot has changed since then – I fell in love with building WordPress plugins in 2011. Like with Perl back in 1998, it started as an itch that needed scratching. My first plugin wasn’t a simple task. I wanted to get live shipping rates from Canada Post to use on my wife’s online pharmacy running eShop. The end result was messy, but it worked… and still does!

Fast forward 4 years. Enter the MVC Starter Plugin for WordPress.

MVC Starter Plugin for WordPress

The MVC Starter Plugin for WordPress is the result of best practices adopted from CodeIgniter, Catalyst, and of course, the WordPress Codex. It is a robust Object Oriented Model/View/Controller framework for WordPress plugins. I haven’t released it to Github yet, as it’d be nice to get some peer feedback before I do that.

The framework comes with a few handy methods and classes, as well as test files which can serve as templates for your own tests. They are designed to work with the WordPress Unit Test Suite and phpunit. I’ll be adding the documentation below as time permits, but feel free to download MVC Starter Plugin and play around with it!

Documentation

  1. Download
  2. Set Up
  3. The Parent Class
    1. Overview
    2. Method: bootstrap()
    3. Method: __construct()
    4. Method: is_admin()
    5. Method: load_lib()
    6. Method: load_all()
    7. Method: render_template()
    8. Method: set_env()
    9. Method: get_env()
    10. Method: log_msg()
  4. Admin Notices Controller
    1. The Notice Pool
    2. Method: set_notice()
  5. The Settings API
    1. Setting Controller Class
    2. Settings DAO and Model Classes
    3. The Settings View
  6. Ajax
    1. The Ajax Controller
    2. The Ajax Request Model

bbPress Notify (No Spam) – Opt Out Add-on

bbPress Notify (No spam) was originally built to let admins know when there is a new message in the forums. Over time, it was modified to notify other roles chosen by the Admin. This add-on allows users to opt-out of notifications.

Version 1.0 has arrived!

Version 1.0 is now available at a special price – only $14.99. This is what you get for that price:

  1. 2 available email template tags for unsubscribe URLs:
    1. [opt-out-url-wp] – gets converted into the wp-admin/profile.php URL
    2. [opt-out-url-bbpress] – gets converted into the bbPress profile URL for that user
  2. Your subscribers can opt-out in either profile screen (WP or bbPress). You choose the one that fits you best (for those who have plugins that disable /wp-admin/profile.php for certain users)
  3. bbPress Subscriptions screen will tell your subscriber whether he has opted out.
  4. From your subscriber’s point of view, nothing happens if he is not part of one of the roles selected to receive notifications.
  5. This price is for version 1.0 only. Once I add more functionality, the price goes up for new buyers.

Please sign up below to receive updates regarding the development process.

Cheers,
Vinny

eShop PayPal Pro Merchant Gateway

eShop PayPal Pro Merchant Gateway allows you to collect Credit Card payments without the need for your client to leave your site.

Installation

  1. Download eshop-paypal-pro.zip and upload it to to your blog’s wp-content/plugins directory;
  2. Activate the plugin in your Plugin Admin interface;
  3. Go to the Settings -> eShop -> Merchant Gateways and enter your sandbox and live PayPal credentials.

Overview

eShop for WordPress comes with basic PayPal support out of the box. This means that your client gets sent to PayPal to make their payments and has the option of not returning. With eShop PayPal Pro Merchant Gateway plugin, you can collect the payment directly from the checkout page, no redirections to outside servers whatsoever.

For PCI compliance, no Credit Card data gets stored. It is up to you, however, to set up SSL on the checkout page.

Settings

Once you activate this plugin, a new section is shown under Settings -> eShop -> Merchant Gateways.

eShop PayPal Pro Settings

Tick the ‘Accept payment by PayPal Pro’ box and enter your Sandbox and Live PayPal credentials (API Username, API Password, and Signature). If you don’t use PayPal Payments Pro yet, click here to learn more about it.

Tick the credit cards that you want to use – note that PayPal does not allow American Express and Discover in certain regions. Make sure to test those cards before going live. Test credit card numbers can be found here.

Click ‘Save Changes’ and you’re good to go.

Checkout

When your clients reach the checkout page, they will see the Credit Card option as one of the payment methods. If it is the only active option, the CC fields will be visible. The type of credit card is identified automatically when the clients type in the number. If there are more Payment options, the fields will only be displayed if the clients click on the CC radio button.

Credit Card Option with Hidden Fields

Credit Card Option with Hidden Fields

Credit Card Fields Displayed

Credit Card Fields Displayed

Fields Shown Automatically

Fields shown automatically when it is the only option available

Confirmation Page

The confirmation page will show only the last four digits of the credit card number and card type.

Confirmation Page Data

Confirmation Page Data

PayPal Sandbox Credit Card Numbers

I recently had trouble using PayPal’s Sandbox accounts with a couple of test credit card numbers that I found online. I was getting an Internal Error message from PayPal, a timeout of sorts. PayPal Support as very quick to explain that the numbers easily found online are outdated. Here are the numbers they gave me for testing. I hope they’re helpful to you as they were to me.

5355821617452825 4539231797097766 371679978113167 6011428784506930
5285570542915472 4929855217305330 375793778613841 6011529879410217
5383804521984816 4532402209297966 343237404492203 6011077434086858
5100568622823460 4929125342648081 346204752699380 6011316919072953
5174158963595579 4915612105806150 371496720560003 6011802923231073
5448506129042417 4929768483269256 343308938304568 6011472168799398
5254734479324127 4532882997894050 345021646614818 6011208593683884
5222972685589732 4532616565981810 345116149238519 6011209316853077
5115652007791949 4024007135023926 345682132459826 6011840879000860
5233352188033933 4556716213378921 376317928643562 6011228616237179

eShop Multi-Currencies Plugin for WordPress

eShop Multi-Currencies plugin allows you to offer your products using over 165 currencies, with automatic exchange rate updates.

Installation

  1. Download eshop-multi-currency.zip and upload it to to your blog’s wp-content/plugins directory;
  2. Activate the plugin in your Plugin Admin interface;
  3. Go to Settings -> eShop -> Currencies tab to customize your settings.

Overview

eShop Multi-Currencies plugin for WordPress gives you the ability to offer multiple currencies to your visitors. Select from over 165 currencies and display your chosen ones via a widget or shortcode. eShop’s default currency settings (base currency and base currency symbol) are moved to the new Currencies tab under eShop -> Settings, where you can also select whether to fetch exchange rates via OpenExchangeRates.org. Display allowed currencies using either a shortcode or a widget.

Settings

Once you activate this plugin, a new Tab is shown under Settings -> eShop -> Currencies.

The new currencies tab on the far right.

The new currencies tab on the far right.

Base Currency

You will also find that the currency symbol and currency options that were originally under ‘General’ and ‘Merchant Gateways’ tabs, respectively, have been moved to the new tab under the ‘eShop Base Currency’ box.

eShop Base Currency Settings

eShop Base Currency Settings

In addition to those two items, you can also select to have the plugin always send the base currency to the merchant gateway, or whatever currency the client has selected. CAVEAT: This is a potentially dangerous option, depending on the merchant gateway. Potential issues include failed transaction due to currency not accepted by the gateway, failed transaction due to given currency different from base currency without explicit acceptance in the gateway settings (outside of eShop), or even additional currency conversion fees. Make sure you know what you’re doing and test it out in a sandbox before using this option.

Open Exchange Rates

When dealing with multiple currencies, the system needs to know the exchange rates for each selected option. The plugin comes with integration with http://openexchangerates.org and instructions on how to get a free account. Due to performance reasons, exchange rates are not fetched in real time, but scheduled from hourly to monthly. You can also force the system to update on demand.

Open Exchange Rates

Allowed Currencies

The next section is for the actual allowed currencies. Choose as many currencies as you want (remember to play by your Merchant Gateway’s rules), and set the name, symbol, conversion rate (if you’re not using OXR as that sets it for you). You can also adjust fixed rates and percentages if you feel you need to. If you want to deactivate a currency without actually removing it, just toggle the ‘Active’ checkbox.

Allowed Currencies

Allowed Currencies

 eShop Orders Screen

To help you keep track of the currencies the sales have been made in (for those passing the non-base currency to the Merchant Gateways), All orders screens have been updated to display the 3-letter currency code instead of the base currency’s symbol.

User Preferences

Currency preference is kept via a cookie in your customer’s browser. When he completes the payment and opts to create an account, the preferred currency is stored and is viewable/modifiable under your customer’s profile screen.

Shortcode and Widget

You can place the currency selector drop-down anywhere you want by using the [emc-currency-selector] shortcode, or the special widget provided by the plugin. To add it directly to your theme, call

<?php echo do_shortcode('[emc-currency-selector]'); ?>

Requirements

This plugin uses shortcode_exists(), which was added in WP 3.6. It has been tested with WP v4.1 and newer.

Bugs

This plugin has been tested extensively. We do our best to provide as bug-free code as possible, but we cannot possibly test with all the different scenarios in the wild. If you find a bug, please let us know via our contact form.

Thanks

We’d like to thank Triple Ace Games for helping fund this project. Feel free to pay them a visit as they have some pretty cool products :).