When you’re developing plugins, messing up is just part of the process.
There’s a lot of trial and error involved in developing plugins for WordPress. You don't need to beat yourself every time you make an error, but there are some really common mistakes you can avoid.
Read on to find out how to avoid eight of the most common mistakes you'll make when first creating plugins for WordPress.
Mistake #1. Failing to consider compatibility
Before you get down to coding, you need to figure out which version of PHP you want to develop for. Certain versions of PHP will be compatible with some users, but not all. Do some research and find out who will be interested in using your plugin, and what they’re using, so your plugin can be compatible with as many of them as possible.
WordPress.org has a really helpful page with usage statistics. PHP 7 is the latest and greatest release, but only 30% of WordPress users have updated. So if you drop support for PHP 5, you'll also lose 70% of potential users. If you drop support for just PHP 5.3 and 5.4, you'll still lose 20% of potential users.
Mistake #2. Choosing bad function names
A generic function name is a bad function name.
A function’s name needs to describe it, and distinguish it from other functions. If you name your function ‘update,’ or are careless enough to have more than one function with the same name, you are going to have a bad time.
The reason for bad function names is often that the coder wants to keep them short. You can keep your function names relatively short if you wrap them into a class.
Mistake #3. Failing to prefix functions
You’re probably aware that other plugin developers could use the exact same name as you.
All these functions inhabit the same execution space, so once a plugin is activated, its functions are loaded, and nothing is out there separating functions with the same name.
As you can imagine, this can cause people problems. Fortunately this is an easily preventable mistake, simply give a prefix to each of your function names so that each is one of a kind.
Mistake #4. Not including an uninstall function
Being able to uninstall a plugin is an essential, but under-utilized by WordPress coders.
There are two ways to have an uninstall function, one is using an uninstall hook, and the other is simply using an uninstall file. People just like being able to delete things once they’re done with them. Find out more on the WordPress codex.
Mistake #5. Keeping debug mode off
Do not leave debug mode off - that is a terrible idea during development. This is your most important debugging configuration.
This function also helps you by generating WordPress debug messages and tracking deprecated function usage. These functions have expiry times and debug mode can give you a warning by telling you those times so you can fix them before it’s too late.
To find out more about debugging your plugins, check out our guide to the WordPress Debug Bar plugin.
Mistake #6. Forgetting to utilize nonces
Related to bad plugin security is not using nonces. You can prevent misuse of your URLs and forms by using a nonce function.
These handy functions create unique timestamps that cannot be guessed and ensure that requests are coming from your admin area, and not someone trying to mess with your plugin.
Add a nonce onto your URLs and include it as a hidden field on your forms to prevent cross-site request forgery (CSRF). Because every user has a unique nonce, the function knows exactly who is requesting access.
Mistake #7. No comments, no indentations
Coding a plugin and leaving no comments or indentation means that it now has a very short lifespan.
Plugins need updates, and if there are no notes or indentation then updating the plugin months later becomes nearly impossible, because the person who coded it will have forgotten what they did and why they did it.
With no notes or indentations to remind them and guide them, that plugin is a goner, kiss it goodbye. Always write neat and readable sources to help yourself and others be able to read your code later.
Mistake #8. Not following the WordPress coding standards
WordPress has clear coding standards for developer. If you follow WordPress standards, it will be much easier for others to understand, improve or expand on your work.