March 10, 2023 — This session picks up from the last preventing common security vulnerabilities session (https://wordpress.tv/2023/03/03/lets-code-preventing-common-security-vulnerabilities/), and cover’s how to use nonces to prevent cross-site request forgery vulnerabilities

Presentation Slides »

March 3, 2023 — In the “Using the WordPress REST API” tutorial you were introduced to the WordPress REST API, as well as the Backbone.js client to interact with it.

In this tutorial, we will look at how you can interact with the WP REST API further, but adding and deleting data.

Presentation Slides »

March 3, 2023 — Earlier this year, we looked at the theory behind developing WordPress plugins and themes securely. We covered how to develop a security mindset, and the guiding principles of secure development, and looked at the five examples of these principles, Sanitizing Data, Validating Data, Escaping Data, Nonces, and User Roles and Capabilities.

In this session, we will look at how these principles are applied in real-world examples, by understanding common security vulnerabilities, how they can be exploited by would-be attackers, and what you can do to prevent them.

Presentation Slides »

February 24, 2023 — WordPress 6.2 is scheduled to be released on March 28, 2023, with the first Release Candidate (RC) to be available to test on March 7, 2023.

Testing an upcoming release is a great way to make sure your themes and plugins will work with the newest release, while also making sure you keep up to date with upcoming features.

In this session, you’ll learn how to use the WordPress Beta Tester plugin to test a new WordPress release, and where to find information to test the new features. We’ll also cover how to log an issue in the WordPress release ticketing system, should you come across a bug.

Presentation Slides »

February 18, 2023 — In this session, I answer any developer-focused questions folks have. What questions do you have about WordPress development? Is there something you don’t understand, a piece of code you’re struggling with, or a problem you’re trying to solve?

February 17, 2023 — The WordPress REST API provides an interface for applications to interact with your WordPress site by sending and receiving data as JSON (JavaScript Object Notation) objects. It is the foundation of the WordPress Block Editor.

However, it also provides a more predictable and structured way to interact with your site’s content than using admin-ajax. In this session, you will learn how to use the WP REST API in place of using admin-ajax, in order to interact with existing WordPress data.

Presentation Slides »

February 10, 2023 — The WordPress REST API is more than just a set of default routes. It is also a tool for creating custom routes and endpoints. In this session, you’ll learn how to create custom routes and endpoints, and test them using Postman.

Presentation Slides »

February 3, 2023 — The WordPress REST API provides an interface for applications to interact with your WordPress site by sending and receiving data as JSON (JavaScript Object Notation) objects. By default, it provides REST endpoints (URLs) representing the posts, pages, taxonomies, and other built-in WordPress data types. Your application can send and receive JSON data to these endpoints to query, modify and create content on your site. However, it is also possible to extend the WP REST API, in order to perform specific actions that are outside of the scope of the default routes and endpoints. In this session, you will learn about one of the ways you can extend the WP REST API, by modifying REST responses.

Presentation Slides »

February 3, 2023 — With WordPress now powering over 40% of the web, website owners need to think more about online security. Almost every week a new plugin vulnerability is found and patched, leading to concerns about the security of WordPress.

Fortunately for the new plugin developer, the WordPress developer handbook has an extensive section on Plugin Security. If followed, plugin vulnerabilities can be drastically reduced, and the entire ecosystem is protected.

This tutorial will introduce the new developer to the first 5 areas of plugin security, using easy-to-understand examples.

Presentation Slides »

January 27, 2023 — In this session, we will continue to learn how to use the WP REST API and Backbone.js client by looking at how to make update requests, how to add or update custom fields on posts, and how to authenticate REST API requests when not logged into a WordPress site.

At the same time, we’ll review how to use the Postman API testing tool to test our WP REST API Requests

Presentation Slides »