From 561256a5da0db7534be57db65413b92e618e4d9a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Denis=20=C5=BDoljom?= Date: Sun, 17 Apr 2022 19:12:24 +0200 Subject: [PATCH 1/9] Add spacings around the section titles Improves readability in the file. --- wordpress-coding-standards/php.md | 33 ++++++++++++++++++++++++++++++- 1 file changed, 32 insertions(+), 1 deletion(-) diff --git a/wordpress-coding-standards/php.md b/wordpress-coding-standards/php.md index 9b600cd..c5460d3 100644 --- a/wordpress-coding-standards/php.md +++ b/wordpress-coding-standards/php.md @@ -5,8 +5,11 @@ Some parts of the WordPress code structure for PHP markup are inconsistent in th Keep the following points in mind when writing PHP code for WordPress, whether for core programming code, plugins, or themes. The guidelines are similar to Pear standards in many ways, but differ in some key respects. See also: PHP Documentation Standards. +

PHP

+

Single and Double Quotes

+ Use single and double quotes when appropriate. If you're not evaluating anything in the string, use single quotes. You should almost never have to escape quotes in a string, because you can just alternate your quoting style, like so: ```php @@ -15,7 +18,9 @@ echo "$linkname"; ``` Text that goes into attributes should be run through esc_attr() so that single or double quotes do not end the attribute value and invalidate the HTML and cause a security issue. See Data Validation in the Codex for further details. +

Indentation

+ Your indentation should always reflect logical structure. Use real tabs and not spaces, as this allows the most flexibility across clients. Exception: if you have a block of code that would be more readable if things are aligned, use spaces: @@ -68,7 +73,9 @@ switch ( $type ) { ``` Rule of thumb: Tabs should be used at the beginning of the line for indentation, while spaces can be used mid-line for alignment. +

Brace Style

+ Braces shall be used for all blocks in the style shown here: ```php @@ -119,6 +126,7 @@ Note that requiring the use of braces just means that single-statement inlin ```

Use elseif, not else if

+ else if is not compatible with the colon syntax for if|elseif blocks. For this reason, use elseif for conditionals.

Declaring Arrays

@@ -169,12 +177,13 @@ $a = foo( ```

Regular Expressions

+ Perl compatible regular expressions (PCRE, preg_ functions) should be used in preference to their POSIX counterparts. Never use the /e switch, use preg_replace_callback instead. It's most convenient to use single-quoted strings for regular expressions since, contrary to double-quoted strings, they have only two metasequences: \' and \\. -

Opening and Closing PHP Tags

+ When embedding multi-line PHP snippets within an HTML block, the PHP open and close tags must be on a line by themselves. Correct (Multiline): @@ -209,6 +218,7 @@ if ( $a === $b ) { ?> ```

No Shorthand PHP Tags

+ Important: Never use shorthand PHP start tags. Always use full PHP tags. Correct: @@ -226,8 +236,11 @@ Incorrect: ```

Remove Trailing Spaces

+ Remove trailing whitespace at the end of each line of code. Omitting the closing PHP tag at the end of a file is preferred. If you use the tag, make sure you remove trailing whitespace. +

Space Usage

+ Always put spaces after commas, and on both sides of logical, comparison, string and assignment operators. ```php @@ -313,6 +326,7 @@ my_function( ( $x - 1 ) * 5, $y ); ```

Formatting SQL statements

+ When formatting SQL statements you may break it into several lines and indent if it is sufficiently complex to warrant it. Most statements work well as one line though. Always capitalize the SQL parts of the statement like UPDATE or WHERE. Functions that update the database should expect their parameters to lack SQL slash escaping when passed. Escaping should be done as close to the time of the query as possible, preferably by using $wpdb->prepare() @@ -329,11 +343,15 @@ $wpdb->query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_title = %s WHERE ID %s is used for string placeholders and %d is used for integer placeholders. Note that they are not 'quoted'! $wpdb->prepare() will take care of escaping and quoting for us. The benefit of this is that we don't have to remember to manually use esc_sql(), and also that it is easy to see at a glance whether something has been escaped or not, because it happens right when the query happens. See Data Validation in the Codex for more information. +

Database Queries

+ Avoid touching the database directly. If there is a defined function that can get the data you need, use it. Database abstraction (using functions instead of queries) helps keep your code forward-compatible and, in cases where results are cached in memory, it can be many times faster. If you must touch the database, get in touch with some developers by posting a message to the wp-hackers mailing list. They may want to consider creating a function for the next WordPress version to cover the functionality you wanted. +

Naming Conventions

+ Use lowercase letters in variable, action/filter, and function names (never camelCase). Separate words via underscores. Don't abbreviate variable names unnecessarily; let the code be unambiguous and self-documenting. ```php @@ -397,6 +415,7 @@ class Example_Class_Extended { [...] } ```

Self-Explanatory Flag Values for Function Arguments

+ Prefer string values to just true and false when calling functions. ```php @@ -432,6 +451,7 @@ eat ( 'noodles', array( 'speed' => 'moderate' ) ); ```

Interpolation for Naming Dynamic Hooks

+ Dynamic hooks should be named using interpolation rather than concatenation for readability and discoverability purposes. Dynamic hooks are hooks that include dynamic values in their tag name, e.g. {$new_status}_{$post->post_type} (publish_post). @@ -443,7 +463,9 @@ do_action( "{$new_status}_{$post->post_type}", $post->ID, $post ); ``` Where possible, dynamic values in tag names should also be as succinct and to the point as possible. $user_id is much more self-documenting than, say, $this->id. +

Ternary Operator

+ Ternary operators are fine, but always have them test if the statement is true, not false. Otherwise, it just gets confusing. (An exception would be using ! empty(), as testing for false here is generally more intuitive.) The short ternary operator must not be used. @@ -471,7 +493,9 @@ In the above example, if you omit an equals sign (admit it, it happens even to t A little bizarre, it is, to read. Get used to it, you will. This applies to ==, !=, ===, and !==. Yoda conditions for <, >, <= or >= are significantly more difficult to read and are best avoided. +

Clever Code

+ In general, readability is more important than cleverness or brevity. ```php @@ -547,20 +571,27 @@ The goto statement must never be used. The eval() construct is very dangerous, and is impossible to secure. Additionally, the create_function() function, which internally performs an eval(), is deprecated in PHP 7.2. Both of these must not be used.

Error Control Operator @

+ As noted in the PHP docs:
PHP supports one error control operator: the at sign (@). When prepended to an expression in PHP, any error messages that might be generated by that expression will be ignored.
While this operator does exist in Core, it is often used lazily instead of doing proper error checking. Its use is highly discouraged, as even the PHP docs also state:
Warning: Currently the "@" error-control operator prefix will even disable error reporting for critical errors that will terminate script execution. Among other things, this means that if you use "@" to suppress errors from a certain function and either it isn't available or has been mistyped, the script will die right there with no indication as to why.
+

Don't extract()

+ Per #22400:
extract() is a terrible function that makes code harder to debug and harder to understand. We should discourage it's [sic] use and remove all of our uses of it. Joseph Scott has a good write-up of why it's bad.
+

Credits

+ +

Major Changes

+