April 21, 2023 — The first time you learn about a WordPress multisite network, you might find you have a bunch of questions. Things like, “Can I point top-level domains to subdomain sites?”, “Can I convert a multisite back to a single site?”, “Can I extract a subsite out of the network?”, “If you have an existing site, can you create a multisite main site above it to keep the first site as a subsite?” and many more. In this session, we’ll look at some of the things that are possible with a multisite network, and hopefully answer all these questions.

Presentation Slides »

April 14, 2023 — A multisite network can be very similar to your own personal version of WordPress.com. End users of your network can create their own sites on demand, or you can create a multisite network in which only you, the administrator, can add new sites. In this session, you’ll learn about creating a multisite network, as well as walk through the steps to setting one up.

Presentation Slides »

April 7, 2023 — When working with any CMS or web framework, it’s a good idea to understand the basics of how it works under the hood. When you understand how your development tools function, you feel more comfortable and confident using them. In this session, you’ll learn the basics of the WordPress request lifecycle, walking through the process that happens on the web server when a browser makes a request to a WordPress URI.

Presentation Slides »

March 24, 2023 — The WordPress User Roles and Capabilities system provides a robust way to control user access to sensitive data on your WordPress site. It’s not only possible to create custom roles and assign capabilities to those roles, but it’s also possible to assign content type capabilities to your custom post types. This adds another layer of control over your site content, especially if you require different levels of access. In this session, we’ll be taking a look at the specific functionality that exists in the register_post_type function that pertains to post type capabilities, learn how this works, and how to best make use of it.

Presentation Slides »

March 17, 2023 — The WordPress User Roles and Capabilities system provides a robust way to control user access to sensitive data on your WordPress site.

While the predefined roles and capabilities should suffice for most requirements, it is also possible to add new user roles, and define capabilities for that role.

In this session, you’ll learn about the default WordPress roles and capabilities, how they are set up and stored in the WordPress database, and how you can create custom roles and assign capabilities.

Presentation Slides »

March 10, 2023 — This session picks up from the last preventing common security vulnerabilities session (https://wordpress.tv/2023/03/03/lets-code-preventing-common-security-vulnerabilities/), and cover’s how to use nonces to prevent cross-site request forgery vulnerabilities

Presentation Slides »

March 3, 2023 — Earlier this year, we looked at the theory behind developing WordPress plugins and themes securely. We covered how to develop a security mindset, and the guiding principles of secure development, and looked at the five examples of these principles, Sanitizing Data, Validating Data, Escaping Data, Nonces, and User Roles and Capabilities.

In this session, we will look at how these principles are applied in real-world examples, by understanding common security vulnerabilities, how they can be exploited by would-be attackers, and what you can do to prevent them.

Presentation Slides »

February 18, 2023 — In this session, I answer any developer-focused questions folks have. What questions do you have about WordPress development? Is there something you don’t understand, a piece of code you’re struggling with, or a problem you’re trying to solve?

February 10, 2023 — The WordPress REST API is more than just a set of default routes. It is also a tool for creating custom routes and endpoints. In this session, you’ll learn how to create custom routes and endpoints, and test them using Postman.

Presentation Slides »

February 3, 2023 — The WordPress REST API provides an interface for applications to interact with your WordPress site by sending and receiving data as JSON (JavaScript Object Notation) objects. By default, it provides REST endpoints (URLs) representing the posts, pages, taxonomies, and other built-in WordPress data types. Your application can send and receive JSON data to these endpoints to query, modify and create content on your site. However, it is also possible to extend the WP REST API, in order to perform specific actions that are outside of the scope of the default routes and endpoints. In this session, you will learn about one of the ways you can extend the WP REST API, by modifying REST responses.

Presentation Slides »