WordPress Planet

May 21, 2019

WPTavern: CoBlocks 1.9.5 Merges Block Gallery Plugin into Collection, Adds New Form Block

CoBlocks, a collection of page builder blocks that was recently acquired by GoDaddy, has added four new blocks in version 1.9.5. This is the first major release since the plugin was acquired from Rich Tabor and his co-creators. Tabor now heads up a WordPress Experience team at GoDaddy where CoBlocks’ development continues.

This release merges the three gallery blocks (Masonry, Stacked, and Carousel) from the Block Gallery plugin into CoBlocks. There is a migration path for users to convert their existing Block Gallery blocks to CoBlocks’ gallery blocks. Block Gallery is still available on WordPress.org as a separate plugin with 5,000 active installs, which is actually more installs than CoBlocks (4,000). Tabor said his team is still discussing whether or not it will remove the plugin in the future.

“CoBlocks is already a suite of blocks that level-up the block editor, bringing in those gallery blocks into the core plugin removes a barrier for folks who already have CoBlocks installed,” Tabor said. “Instead of folks having to install, activate, and maintain two plugins – only one is needed. On top of that, it’s far easier to maintain them collectively under one roof, as many of the components are shared between the two plugins.”

In addition to merging the gallery blocks, CoBlocks 1.9.5 introduces a new Form block that allows users to customize a simple form directly within the editor. The block includes name, email, and message form fields but does not offer the ability to create new fields or change them to different types of fields. Users can set any of the fields as required using a toggle inside the block preview. For anything beyond these capabilities, a dedicated forms plugin would be required.

CoBlocks 1.9.5 also adds official support for Gutenberg 5.7 and includes more than a dozen tweaks and fixes.

Tabor said his team is identifying further solutions that can be leveraged to make page building in WordPress more simple. CoBlocks is rapidly becoming a another one-stop shop for the mostly commonly used page building blocks.

“We’re looking at how to make adding maps easier (a better Map block) and developing a system that enables restaurants to build out menus,” Tabor said.

Several other block collections already offer a map block and/or a similar suite of page building functionality, such as Ghost Kit, Atomic Blocks, Stackable, and Editor Blocks. Collections seem to be the best way to offer multiple small UI elements, especially if they are all designed to be complimentary in style. Plugin authors differentiate their collections from the others with additional block options, support, complimentary themes, and immediate compatibility with the Gutenberg plugin.

At the moment, there is little incentive for developers to maintain functionality as separate plugins, but WordPress’ planned single block directory may change the way blocks are packaged for optimal discovery. For now, it’s a race to see which block collection can offer the most useful suite with the most intuitive UI.

by Sarah Gooding at May 21, 2019 12:57 AM under godaddy

May 20, 2019

WPTavern: WordPress 5.2 Improves the Security of Automatic Updates

WordPress 5.2, released earlier this month, added the first step towards fully secure updates with offline digital signatures. Scott Arciszewski, Chief Development Officer for Paragon Initiative Enterprises, explains how it works and how developers can migrate away from mcrypt to libsodium.

When your WordPress site installs an automatic update, from version 5.2 onwards, it will first check for the existence of an x-content-signature header.

If one isn’t provided by the update server, your WordPress site will instead query for a filenamehere.sig file.

No matter how it’s delivered, the signatures are calculated using Ed25519 of the SHA384 hash of the file’s contents. The signature is base64-encoded for safe transport.

Scott Arciszewski

The WordPress core development team manages the signing or secret keys. WordPress 5.2 contains a signing key that expires on April 1, 2021. The verification key or public key is used to decipher the secret key. This value determines the validity of the signature.

Since the feature is still in an experimental phase, WordPress 5.2 allows an update to occur if a soft error or invalid signature is encountered. This is to prevent more severe errors from causing the user to be locked out of the update process until a manual update is applied. The team will use the reported error information to improve the signature checking process.

The digital signatures are only supported for core updates with Themes and Plugins to follow in a later release. It’s also likely that the team will include separate keys for core releases, plugins, themes, translations, etc. to allow for more fine-grained control.

Digital signatures applied to WordPress core updates is an important milestone because it prevents users from unknowingly downloading updates from malicious sources.

For example, without digital signatures, if the server or servers that house the core update files were compromised, a false update could be sent to millions of sites. In 2016, WordFence explained how this scenario could play out when they publicized a security vulnerability they discovered with api.wordpress.org.

Persistence Pays Off

In early 2017, Arciszewski published a plea to Matt Mullenweg to focus on securing WordPress’ automatic updates system by using secure cryptographic signatures. Mullenweg responded to the article with one of his own on Medium.

We will at some point; as said above it’s a good idea — can’t hurt, might help. There are, however, some more important security issues in front of it, that impact millions of sites in the real world, so we are prioritizing those issues above a nice-to-have, defense in-depth effort.

Matt Mullenweg

Arciszewski has spent at least six years trying to convince the core team to implement digitally signed updates. Four months ago, Gary Pendergast, WordPress core developer, responded to the ticket saying that the feature fell in line with the list of WordPress priorities planned for 2019 and beyond. Pendergast laid out a plan and with a confirmed commitment to landing it in core, Arciszewski worked with the core team to make it a reality.

Millions of WordPress sites are on their way to becoming more secure thanks to the persistence and efforts of Arciszewski and the WordPress core team.

by Jeff Chandler at May 20, 2019 09:28 PM under security

May 18, 2019

WPTavern: Jetpack Opens Signup for Membership Block Beta

Jetpack has opened a signup for the beta of its upcoming Membership feature in order to collect feedback from potential testers. The changelog for version 7.3, released two weeks ago, hinted at a new Membership block coming to the plugin. The work in progress was added behind the JETPACK_BETA_BLOCKS constant, presumably in preparation for wider testing.

Based on the feature’s description on GitHub, the first iteration will function like a recurring payment/donation button that uses Stripe as the payment gateway. In this case, “membership” might be a misnomer for the feature. The wording on the beta signup page lends to the confusion: “WordPress.com is currently preparing a feature that will let you enable subscriptions on your site.”

At the moment, it appears that the Jetpack team hasn’t fully decided what this feature will become and seems open to seeing where it will go. Beta testers will likely refine the direction of the block. If you have an interest in using Jetpack’s membership capabilities in the future and want to shape its development, you can sign up for the beta by providing your WordPress.com login and a description of your needs and expectations for the feature.

by Sarah Gooding at May 18, 2019 04:09 AM under membership

WPTavern: Jetpack Retires Proofreading Module, Time to Find A New Grammar and Spellchecking Alternative

Jetpack 7.3 was released last week and if you didn’t read the changelog, you may have missed that the spelling and grammar checking module that uses After the Deadline has been retired.

“Grammar and Spelling: Remove from Jetpack. We’ve chekced the spelling alot over the years, but now time to retire.”

From the Jetpack 7.3 Changelog

According to James Huff, an Automattician and volunteer moderator, the module was removed in favor of better options being available.

“We removed the feature as it has become a bit redundant lately,” he said. “Most major web browsers have some form of this already built-in, and free extensions like Grammarly are making huge strides in the field. It felt like the right time to back out of that field and focus more on everything else we offer.”

After the Deadline is a service that was created in 2008 by Raphael Mudge and was acquired by Automattic in 2009. It not only checked for grammar and spelling errors, it did so contextually and provided style suggestions. Mudge moved on from Automattic in 2010 and the service has seemingly operated on auto-pilot.

After the Deadline Proofreading Button in the Calypso Editor

Between 2010 and 2011, the Jetpack team added support for AtD with a proofreading module. Unfortunately, the proofreading button that was available in the Classic editor was not ported over to Gutenberg. This issue was originally reported on GitHub in 2018 but was closed 14 days ago due to AtD support being removed from Jetpack, WordPress.com, and Calypso.

I’ve used After the Deadline for 10 years and although there’s no official statement on when the service will be retired, the writing appears to be on the wall.

I plan to give Grammarly a try but I’ll miss After the Deadline. What grammar and spellchecking services or software do you use and recommend as an alternative to After the Deadline?

by Jeff Chandler at May 18, 2019 12:00 AM under spell check

May 17, 2019

WPTavern: VVV 3.0 Introduces New Ubuntu 18 Box, Support for VVV 2 is Discontinued

VVV 3.0 was released this week, introducing a new Ubuntu 18.04 LTS box. The project’s previous versions used Ubuntu 14, which has now reached end of life (EOL).

Support for VVV 2 is now discontinued, due to an unforeseen complication with its PHP dependencies. Ondřej Surý, who maintains all the PHP packages VVV uses, deleted the unsupported ones in response to Ubuntu 14 reaching EOL. VVV contributors had set up a package mirror but only 70% of them were mirrored. As a result, VVV 2 installs were no longer able to provision. VVV maintainers have stopped supporting it and it will not receive any fixes or updates in the future.

Tom Nowell said he and his fellow VVV maintainers had “a mini- Ubuntu 14-apocalypse of sorts when it reached EOL,” so the new Ubuntu 18 box is a big bump up that should cover the project until 2024. It includes Kernel improvements that make Ubuntu faster when used in a virtual machine. The 3.0 update came out of necessity but it includes changes the team had already intended to make.

“We wanted to move from 14 to 18 for a long time anyway, and Anton Vanyukov had written a PR starting that, so we went ahead,” Nowell said. “The internals are based on VVV 2 so 99% of things should still work exactly the same (but a bit better and a little faster).”

VVV now uses a leaner custom built box, but it requires users to destroy their VMs in order to update. Directions for updating to 3.0 are in the release post. This destroys the database but VVV creates its own backups that can be quickly restored with a simple command.

Another major change in 3.0 is that VVV no longer stores MariaDB data inside the VM. The data has been relocated to database/data, which has the added benefit of being preserved when using the vagrant destroy command.

The release also includes quite a bit of restructuring with the removal of the /vagrant mapped folder that eliminates overlapping vagrant shared folders. In addition to several dozen smaller improvements, VVV 3.0 adds a new teddy bear when it finishes provisioning.

The Future of VVV: Version 4 to Focus on User-Friendly Improvements to Provisioning

Although VVV doesn’t yet have a user-friendly interface and requires the use of a terminal, Nowell said the team is working towards making it easier to use. For now, VVV distinguishes itself from other development apps, like Local and DesktopServer, by being a community project that is free from commercial interests.

“VVV does a lot of the things DesktopServer does but for free,” Nowell said. “We don’t charge $99 for PHP7, SSL, or WP CLI. VVV won’t up sell you on hosting either, and you can have as many sites as you want out of the box.

“A lot of people like Local for using Docker containers, but all those containers are inside a boot2docker virtual machine using VirtualBox. They have a pretty UI, and it’s great if you use FlyWheel as a host, but it’s not the easiest to get set up for contributing to WordPress.”

VVV has a specific pre-built version that provides a development environment optimized for contributing to WordPress core. It can be copied onto a USB drive and set up on a user’s machine, even while offline. This pre-built version is often handed out at the beginning of contributor days at WordCamps.

“We’re a community driven project,” Nowell said. “People going to contributor days use VVV – the entire package can be pre-built and put on a USB stick and it runs in a lot more places than some of the docker based setups that some devs use. Until recently you needed to upgrade to Windows 10 Pro to be able to use Docker on Windows. Imagine 100 contributors downloading Windows 10 iso files over conference wifi.”

VVV maintainers and contributors are working on releasing version 3.1 in the next month with all the little things they want to polish. Nowell said they have the basis for what they want to accomplish in version 4. Instead of waiting for VVV to install and configure PHP/MySQL/nginx/etc, the install process will happen on a server somewhere and the user will be able to just download the result, similar to how VVV is pre-built for contributor days.

Nowell identified the major impacts of taking this approach:

  • It doesn’t matter if provisioning works for you, we’re doing that for you.
  • If someone makes a big slip up, that’s ok, users get the last working build and see nothing.
  • Getting everything set up should be much much faster, it will remove about 70-80% of the startup time for a lot of users.

Nowell said the general goal is to “just make it more fun to use” but his personal goal is for people to be able to use VVV without ever touching a terminal. He thinks it can be done with an Electron wrapper and has performed a few experiments with it. In the past, he spent a lot of time improving the messaging for provisioning errors, but the days of trying to preempt those problems may soon be drawing to a close.

“Why fix provisioning for users if they never have to do it in the first place?” Nowell said. “I’d say VVV 4 will come pre-built so it only builds the sites themselves, like how you can grab a docker image with PHP/MySQL already setup, and fill it with a site. Eventually the dashboard itself can become an Electron app where you can turn VVV on/off and adds sites.”

VVV maintainers have some ambitious plans for version 4 that will make it available to a wider population of WordPress users and save existing users more time on startup. The project needs more testers and feature requests. Contributions to the main project are welcome on GitHub. Developers and testers can also contribute to the meta environment to improve how it works with WordCamp sites and WordPress.org.

by Sarah Gooding at May 17, 2019 09:11 PM under VVV

May 16, 2019

WPTavern: Block building without JavaScript: Testing ACF, Block Lab, and Lazy Blocks

Not everyone is able or willing to build blocks in JavaScript just yet, and sometimes you have to install three or four block collections until you find the blocks you would like.

There is a third way: plugins that create the blocks for you from a set of specific custom fields, with a template to control the frontend display of the blocks. The three most popular options for doing this include: Block Lab, ACF (Advanced Custom Fields) and Lazy Blocks.

My use case for this test is a small task I set out to accomplish with each of the plugins – to create a block for team members of a company that includes the following fields: first name, last name, headshot, bio, phone number, and email address and use the block on a page in a two-column display with two team members.

For each plugin I will demonstrate

  • how to create the Fieldgroup,
  • how to create the template for the frontend and
  • how to use the blocks to create a team page.

I used Local by Flywheel as my local development tool. The test site ran on WordPress 5.1.1, Gutenberg 5.4 and the Business Theme from WordPress.com

After reading this post you will be able to select the plugin that fits your needs.

Creating a Team Block with Block Lab

Members of the  XWP team built Block Lab and it is available as a free plugin with a commercial version. I used Block Lab first, installed the plugin and then started a new block.

Here is the video on how to set-up the fields.

The next step is setting up the block template

When I looked at the expected location, the template will be made part of the theme directory in a subfolder called /blocks/ That’s something a developer needs to remember, as there is some content lock-in when switching themes.

To create the template, I opened my code editor, created the file block-team-member.php, and added the HTML + and minimal PHP to reference the fields.

<?php block_field( 'first-name' );?> 
<?php block_field( 'last-name' );?>
<p><img class="teamphoto" src="<?php block_field( 'picture' ); ?>"
 alt="<?php block_field( 'first-name' );?> 
<?php block_field( 'last-name' );?> " width="150" style="float:left;padding:4px;margin;2px;"/>
<?php block_field( 'short-bio' ); ?></p>

<p><em>You can reach <?php block_field( 'first-name' );?></em> 
<br/>via email <span><a href="mailto:<?php block_field( 'email-address' ); ?>">
<?php block_field( 'email-address' ); ?></a></span>
 or <br/>
via phone: <span><?php block_field( 'extension' ); ?></span></p>

In the last step, I finished the configuration of this block with the Block Properties

  • I set the icon to a person,
  • selected the “Layout Elements” as Category and
  • added “team member, team” as keywords

All this is necessary for the Block inserter in the editor.

Let’s see how it works.

I added a new Page called Meet our Block Lab Team and added the team members, using the Block “Team Member”.

For now, I decided to have all the information filled within the block editor boundaries. During setup of the fieldgroup, I had also the choice to display form controls in the Block Options tab in the sidebar. For the moment, I have determined that’s it’s just personal preference. Once you click outside the block, the form disappears and the block is rendered similar to its frontend representation.

Now that I have the block finalized, I can add more team members to the page. I decided, I’d like them in a column block with two columns.

So far, so good. I was not thrilled that the location of the template points to the theme folder.

When I want to switch out the theme, I still would like to keep the block and the layout for the block with my site, so I would need to make sure to copy the blocks folder to the new theme’s directory. Another way is outlined in the  documentation for Blocklab on Github. It offers two filters to change the default location of the template:

“To use a different template inside your theme, use the block_lab_override_theme_template( $theme_template ) filter. To use a different template outside your theme (for example, in a plugin), use the block_lab_template_path( $template_path ) filter.”

This was fairly easy to set up, even if you are not a PHP developer, you can probably use the one PHP function block-field() and make sure to reference the right field names.

Block Lab, in essence, provides you with a method to create the fields and configure the block properties in one screen, and then you need to add the corresponding block template to a folder /blocks/ in your theme’s directory.  It’s fairly straight forward.

Creating a Team Block with ACF 5.8

ACF (Advanced Custom Fields) version 5.8 came out with a block builder (only available in the Pro version). For my test I used ACF 5.8 RC 1. The final release is available now.  Elliot Condon is the plugin’s author and the first version was released in 2011. The plugin has grown into a hugely popular developer tool for freelancers and agencies alike and has over 1 million installs.

Its success and versatility make the creation of the field group a more involved process compared to the other two plugins. The Pro version 5.8 contains the first release of its block building tool.

This is the admin view of the Field group “Team Member”.

Now how do I make this into a block? The documentation is comprehensive enough.  Note: In this test I went in a slightly different order…

I started with the Field Group and I needed to get back to that admin screen after I registered the block (see below) .

I  used two files. First, I needed to register the block in the functions.php of my theme. For the template/block rendering code I used content-block-team-member.php also to be stored in the active theme’s folder.

You will see how those two fit together in a second. The rest of the work is done by the plugin in the back end.

So let’s write the Block Code in PHP

The first snippet is the block registration. I gave it a name, title, a description, point to the render template, give it a category, an icon and some keywords, under which the content producer can find the block in the Block Inserter. I scrolled all the way to the end of my theme’s functions.php and added this snippet:

function register_acf_blocks() {
   // register a team member block.
       'name'              => 'acf-team-member',
       'title'             => __('ACF Team Member'),
       'description'       => __('A custom team member block created via ACF 5.8'),
       'render_template'   => 'content-block-team-member.php',
       'category'          => 'formatting',
       'icon'              => 'admin-comments',
       'keywords'          => array( 'team member', 'team' ),
// Check if function exists and hook into setup.
if( function_exists('acf_register_block') ) {
   add_action('acf/init', 'register_acf_blocks');

This code is straight from the documentation and I just changed a few values.

In the next section I created the block rendering template. The file name needs to match the “render_template” attribute in the above text, which is “content-block-team-member.php

I also just followed along ACF’s documentation and only changed a few values and updated the display code.

<pre class="wp-block-syntaxhighlighter-code"><?php
// create id attribute for specific styling
$id = 'team-member' . $block['id'];

// create align class ("alignwide") from block setting ("wide")
$align_class = $block['align'] ? 'align' . $block['align'] : '';

// Load values and asigning defaults for the block fields.
$short_bio = get_field('short_bio') ?: 'the short bio goes here... ';
$first_name = get_field('first_name') ?: 'First Name';
$last_name = get_field('last_name') ?: 'Last Name';
$image = get_field('picture');
$email_address = get_field('email_address');
$extension = get_field('extension');

<div>" class="team-member "&gt;
       <h2> </h2>
   <blockquote class="team-member-blockquote">
   <img class="teamphoto">" alt="" alt="  " width="150" style="float:left;padding:4px;margin;2px;"/&gt;
       <span class="team-member-short-bio"></span>
       <br />
       <span class="team-membe-extension"></span><br />
       <span class="team-membe-email-address">

As I started with the Fieldgroup, I needed to go back and make sure that the group is associated with the block I just registered.  Below the Fieldgroup screen I created a rule for the Location: It needs to read: “Show this field group if the Block is equal to ACF Team Member.  

Now let’s see how this works in the Block editor when I add two members.

It was an interesting experience. You can use the form in the editor section to enter the data. Another option is to enter the data in the form fields available in the the sidebar and you see the block update in real time. You can toggle between the two methods but clicking on the Button “Switch to Edit” or “Switch to Preview” depending which method you are using right now.

The block editor UI works well. It’s worth going through the more elaborate setup and code necessary.

Creating a Team Block with Lazy Blocks

The third plugin in this test is called “Lazy Blocks” by Nikita of nkdev.info, the same team that also published the GhostKit block collection.

It not only allows me to store information in post_content but I also get a choice to store it in the post_meta table.

Here is a video of using the interface to create the fields.

As this admin screen is focused on getting all the information to create the blocks, on the left I created my fields and in the sidebar.  I filled in the information needed to register a block with the editor.

Underneath,  I was able to add the HTML for frontend and backend. The syntax is even easier than Block Lab, and of course much easier than ACF’s  templating.

I didn’t need to add any code to my theme’s functions.php nor did I need to create additional files with my template code.

You can add it all right here, aided by syntax highlighting and merge tags rather than function calls.  The documentation shows multiple ways to write your template code. I am definitely a fan of Handlebars (semantic templating) as it is in this context much closer to other systems’ merge tags.

I copy/pasted the same code into the “Editor HTML” tab, so I could see the frontend display below the form fields.

Let’s use it.

This seems to work. It was little bit awkward that the form didn’t disappear when I unselect the block. It takes up a lot of real estate in the editor. Although, I wanted to have the team members in a two-column block, I did not succeed in dragging and dropping the two blocks into a Column Block. I mentioned this in my support topic and nK answered: “…hiding controls when the block is not selected is a good feature, that already added in ACF Blocks and will be added in Lazy Blocks soon.” Here you have it – all in due time.

Conclusion: Complex, Evolved, or Easy.  

ACF 5.8  has a very robust block building feature, and every one who has been using the plugin to build sites will be very happy to be able and create dynamic blocks for their customers. It’s well thought through, and developers of all skill sets will get up and running quickly.

Someone, who is not well versed in PHP will have her fair share of trial and error to get it all going. It will get even more complicated when the requirements for the blocks get more involved and beyond this test’s use case. This is not a tool for WordPress beginners or DIY site implementers who don’t write a lot of code themselves.  

For now, only the ACF 5.8 Pro version comes with the block builder feature. Condon is contemplating making it a stand alone plugin. (See what the Twitteratti think about the idea… )

Block Lab is in its early stages of development. It succeeds in abstracting most of the block architecture and reduces the amount of code that needs to be written. The documentation is very helpful. The template is stored in a separate file, and needs to be maintained with the rest of the theme files. If we at my company would use it for any of our projects, we would store the template file with one of our helper plugins, so our customers are able to switch themes without losing the content and display of the blocks built with Block Lab.

The Pro version boasts additional features, such as repeater fields, import/export of blocks, user object fields, map field and many more block features.

XWP is an agency working with enterprise clients on the WordPress.com VIP hosting and other corporations. Their team members are contributing to other big ideas in the WordPress space, including the Customizer,  AMP and Tide. I expect the plugin to stay around and grow with Gutenberg Phase 2 into a robust system for site implementers, agencies, and theme developers.

Lazy Blocks is a delight to set up and as mentioned, I am a fan of the Handelbars templating syntax. It’s easy to learn even for beginners, and with a little practice, a site owner would be able to create specific Gutenberg blocks for their site. The block handling in the editor although functioning, is a little clunky, as the display doesn’t switch between block select state and unselect state at the moment.

If there is a requirement of having additional fields for a page or a section of a post, Lazy Blocks is a great tool to prototype and get quickly from idea to proof of concept.

The only caveat: I was not able to find out who the people are behind nkdev.info and the name Nikita. The website only reveals that it is a young company but nothing more. If you use the plugin, make sure you have Plan B in place just in case the developers abandon the plugin before it takes off.

ACF 5.8 is quite complex; Block Lab is a very flexible and only semi-complex; and Lazy Blocks is adequately named and the easiest to use. None of them lets you get away without writing code, as each block needs some display output in HTML.

Let me know what you think about these three block generating plugins. Also, if you found another plugin that allows you to build blocks without getting into Javascript, I want to know about it! Please share your thoughts and discoveries in the comments!

by Birgit Pauli-Haack at May 16, 2019 10:42 PM under News

WPTavern: HostCamp: An Unconference For Advancing the WordPress Infrastructure

HostCamp is a small, semi-informal, invitation-only, event with an unconference style that is bringing leaders together from within the hosting industry to discuss and share ideas on how to advance the WordPress infrastructure across the web.

The organizing team is comprised of, Jonathan Wold, Ecosystem Consultant, Formerly VP of Strategy at XWP, Mile Rosu, Co-founder and CEO of Presslabs, Mihai Grescenko, Head of Design at Desero, Anna Maria Radu, Event producer for DigiTales, and Andreea Oproiu, Communication and PR specialist for DigiTales.

Speakers will present on a variety of topics including, malware, ethics in WordPress hosting, PHP versions, portability, and more. Betahaus, a network and co-working facility in Berlin, Germany, is hosting the event.

Betahaus Facility in Berlin, Germany

Rosu describes the unconference as, “A launchpad for innovations in the hosting industry where opportunities in WordPress infrastructure are encouraged and promoted.”

If you’re interested in attending, there is an application form near the bottom of the HostCamp site that is available until June 1st. Tickets are on sale now for €200 or $223.47. Refunds are available if you contact the organizing team 30 days prior to the event.

It should be noted that WordCamp EU is taking place in Berlin, Germany, as well and begins a day after HostCamp.

by Jeff Chandler at May 16, 2019 09:09 PM under wceu

WPTavern: Matt Mullenweg Launches New Blog and Podcast on Distributed Work

photo credit: Min An

Automattic CEO Matt Mullenweg has launched a new blog and podcast at Distributed.blog where he will be sharing what he has learned over the past 15 years of managing a distributed workforce. In 2019, Automattic now employs more than 900 people from 68 countries who have all worked in a distributed fashion since day one.

“With the Distributed podcast I wanted to take a closer look at how some of the most innovative companies and brilliant minds think about the future of work,” Mullenweg said. “Not just the binary questions of ‘remote work’ vs. ‘office work,’ but the wider spectrum of what’s possible and why it matters. How can we work better and smarter in the decades to come—and what’s the moral imperative driving our desire to change?” 

The first episode of the podcast features Upwork CEO Stephane Kasriel, who is deeply embedded in the labor market for remote work. His company offers a global platform for connecting businesses with freelancers. Upwork went public in 2018 and is expected to do more than $1.7 billion in business this year. Kasriel has a wealth of knowledge to share from his experience managing more than 1,100 remote freelancers in 500 cities, in addition to 400 on-site employees.

“Our mission at this company is to create economic opportunities for people to have better lives, and the way we measure that is how much money goes into people’s pockets,” Kasriel said.

Both Mullenweg and Kasriel are passionate about seeing more companies embrace remote work and the first part of the podcast goes deeper into what is currently broken about work. Those living in big cities are often paid well for their talents and expertise but will spend a large portion of that money on the cost of living. Kasriel said he believes Upwork can be a “driving force in creating a better future” by championing remote work as the economic catalyst for improving working conditions across the globe.

“This distributed-company movement is the awakening of the tech industry [to the reality] that we are part of the problem,” Kasriel said. “Part of the reason why jobs have been destroyed in plenty of places in the country while all the new jobs were created in a small number of areas is because of tech.”

For those who are curious about how CEOs and managers make distributed work a success, the first episode includes discussions on some of the more practical issues of managing a remote work force. Mullenweg and Kasriel discuss the challenges of working across timezones, strategies for improving communication and preventing employees from feeling a sense of isolation, and managing productivity and performance.

The topics included in the episode are even applicable for smaller distributed companies that are just starting out. Kasriel shared tips on establishing a strong culture of employee satisfaction for both on-site employees and those working remotely, navigating conflict, integrating new employees into remote culture, and allowing people to “delocate” from on-site work.

After listening to this episode, I found that Mullenweg and Kasriel presented a compelling case that distributed work is not just a buzzword in the tech industry. It is actually a movement with a powerful economic impact that is poised to change the world. Remote work also has the added benefit of creating opportunities for people who have a difficult time participating in the traditional labor market, effectively increasing the diversity of a company’s employees by offering a more inclusive model for working.

The podcast is produced by Mark Armstrong and the team at Charts & Leisure. There’s a lot of valuable information efficiently packed into just 37 minutes. If you manage a distributed team or are part of one, this is a high quality new show to add to your subscriptions.

by Sarah Gooding at May 16, 2019 06:14 PM under News

Matt: Introducing the Distributed Podcast

I’ve been meeting with some brilliant people for Distributed, my new podcast dedicated to exploring the future of work. The first episode is a conversation with Stephane Kasriel, CEO of Upwork, about how they built a distributed culture, and how flexible work will shape the future of the global economy.

Unlike Automattic, Upwork does have an office in Silicon Valley (albeit one with a remote receptionist!). It was interesting to hear how Stephane’s teams balance in-person culture with inclusiveness for all employees, no matter where they live. Read more about Stephane’s work at Distributed.blog, and subscribe at Apple Podcasts, or wherever you listen to podcasts.

by Matt at May 16, 2019 02:59 PM under distributed work

WPTavern: Gutenberg 5.7 Adds New Block Appender for Group and Columns Blocks

Today’s release of Gutenberg brings a major improvement to the usability of the Group block. In previous versions of the editor, it wasn’t easy to see if a block had been inserted as a child block, especially since the default behavior was to insert an empty paragraph block. Gutenberg 5.7 brings more clarity to the UI for Group blocks by displaying the new block appender as the default state when no inner blocks are detected. (The “appender” is the fancy name for the button with the plus sign inside it that opens the UI for inserting a new block.)

The Columns block has also been updated to add the new block appender, and this release adds support for setting column widths. The inflexibility of the Columns block has been a frustration for users since it was introduced, but this release makes progress on one of the most common requests. Users can now set a percentage width for the columns in the block settings. The UI for this is a bit clunky, but a more interactive, draggable column resizer handle is coming in a future release. Future iterations may also include “quick-select” template options for users to select from when setting up their columns.

Other new features in this release include support for showing post content or an excerpt in the Latest Posts block and support for header and footer toggles in the Table block.

One handy little addition to Gutenberg 5.7 is the ability to update images using drag & drop. Users can now drag an image onto an image block that already contains an image. The image will be uploaded and will replace the previous one, saving users many clicks in the process of changing an image. Future updates may also add the same behavior to the audio, video, file, and Media & Text blocks.

Gutenberg 5.7 includes dozens of bug fixes and accessibility improvements, with several suggestions that originated from WPCampus’ accessibility audit. It also brings a significant boost in performance with a 14% faster loading time than the previous version.

The project’s documentation has a new home on WordPress DevHub and has been reorganized for better navigation.

A list of all the changes in the 5.7 release is available in the release post.

by Sarah Gooding at May 16, 2019 04:44 AM under gutenberg

WPTavern: Site Health Tool Manager Provides A Convenient Way to Disable Unnecessary Site Health Check Tests

WordPress 5.2, released last week, added two new pages to the WordPress backend to help users diagnose common configuration issues. The Site Health Check page runs a series of tests and categorizes the results as critical, recommended, and good. This helps users prioritize which issues require immediate attention.

WordPress 5.2 adds filters for developers to add, edit, or remove tests but these filters may not be as accessible as a plugin. Site Health Tool Manager by William Earnhardt is a new plugin that provides an easy way to disable tests.

Site Health Tool Manager Settings

In some situations, consultants may want to disable certain tests to prevent the results from panicking a client. For example, if a consultant has configured a site to not receive automatic updates because the site is managed with version control, the site health check test is unnecessary.

Disabling unnecessary tests can also increase a Site’s Health Percentage score. However, in the plugin’s description, Earnhardt stresses that the plugin should, “only be used to disable tests with a legitimate and acceptable reason for failing. It should not be used to hide tests which can be fixed.

Site Health Manager also supports the tests that were recently added in Jetpack 7.3. Site Health Tool Manager is free and can be found on the WordPress plugin directory.

by Jeff Chandler at May 16, 2019 02:33 AM under tools

May 15, 2019

WPTavern: Pressing Topics – Episode 2

Pressing Topics is a daily podcast hosted by Malcolm Peralty and myself. We discuss the news that’s making headlines in the WordPress ecosystem as well as related topics that catch our eyes. Generally speaking, if you listen to this show on a daily basis, you should have a good idea on what’s going on in the WordPress community.

In this episode, Malcolm and I review the most common mistakes WordPress theme developers make based on a veteran theme reviewer’s experience, the 10 best countries to outsource software development too, and a new proposal to the Plugin Directory Guidelines.

Due to a software issue, the volume of my voice in the beginning of the show varies from loud to quiet to loud again. The audio normalizes after about 5-10 minutes. I’ve made some software changes and am hopeful the audio quality in episode three is much better.

Stories Discussed:

The Most Common WordPress Theme Development Mistakes (and How to Fix Them)

10 Best Countries to Outsource Software Development, Based on Data

4 Reasons You Should Choose WordPress for Your E-Commerce Site

Jetpack 7.3.1: Maintenance Release

Proposal to Modify Plugin Guidelines

The transcript is in Rich-Text format. You can download the show or listen to it via the embedded audio player below.

Listen to Episode 2 of Pressing Topics

by Jeff Chandler at May 15, 2019 07:37 PM under theme development

WPTavern: Reakit Version 1.0 Released: A New Toolkit for Building Accessible Web Apps with React

Reakit is a new toolkit for building accessible web apps with React. Brazilian developer Diego Haz launched his MIT-licensed open source project this week with a stable version 1.0 now available to the public.

The toolkit offers offers composable, themeable, and accessible UI components that strictly follow WAI-ARIA 1.1 standards. Out of the box, Reakit manages focus and keyboard interactions for components that require them.

“WAI-ARIA is hard,” Haz said. “Mostly because the spec is dense, confusing and incomplete. My goal with Reakit is not only to provide accessible components out of the box, but also to serve as an example so people can build their own accessible stuff from scratch.”

Last year Haz removed all the unnecessary styles from the core package, in favor of having separate packages for themes. The core library is now unstyled by default and does not depend a CSS library. This makes it easier for developers to build UIs from scratch. Developers with specific presentational requirements can easily apply their own styles, instead of spending time having to overwrite a built-in set of styles.

Those who don’t want to start from scratch can install a theme package like reakit-theme-default. As the community around Reakit grows, more themes will may become available as packages.

Reakit’s GitHub repository has been starred more than 2,100 times and 34 people have contributed to the project. Developers who discovered Reakit in its earlier days of development are already building apps and libraries that use the toolkit.

One year ago, Haz left his job to work on Reakit full time as an open source project, because accessibility wasn’t a major priority at the company that employed him.

“I started building Reakit in my spare time with the purpose of easing my team’s work as we were building most of our components from scratch,” Haz said. “The company not only denied that idea (which may be reasonable), but also asked me to delete the project.

“So I realized that I was in the wrong company and quit. Since I had savings, I decided to focus on this project. But soon enough I’ll have to find another job. I’ll try to find companies where I can use Reakit so I can improve the library at the same time I’m building something with it.”

Not all companies prioritize accessibility in their React-based products. One reason is the expertise and passion for accessibility, paired with React skills, is hard to find.

As WPCampus’ Gutenberg accessibility audit demonstrated, making accessible web apps with React is challenging. Gutenberg is making major improvements towards becoming more accessible after the completion of the audit. This process has shown that leveraging accessibility expertise and baking it in from the beginning is crucial for writing accessible web apps.

React is often, and perhaps unfairly, singled out as having an accessibility problem. The library isn’t known for making it easy, but it does provide accessibility documentation and encourages developers to write semantic HTML.

While there is no magical “do-it-for-me” library that can ensure an app’s accessibility, the Reakit toolkit gives developers a head start. The project is open to contribution on GitHub and is also on Open Collective for those interested in funding its development.

by Sarah Gooding at May 15, 2019 07:02 PM under reakit

HeroPress: I Found My Tribe

Pull Quote: I don't just have WordPress acquaintences. I have WordPress friend. I have WordPress family.

When I was a kid not a single girl said “I want to be a web designer when I grow up”. Mostly because there was no world wide web. There weren’t video games either, until I was in junior high school and Pong came out. Back when I was a kid, girls mostly thought about becoming teachers, nurses, ballerinas, and mothers. We weren’t encouraged to do “man” jobs. We definitely weren’t encouraged to pursue STEM careers.

As a matter of fact, my high school guidance counselor told me that I should give up my dream of college and concentrate on being a stay-at-home mom. (It was 1987 and I was ranked 21/325 students in my graduating class.)

I’ve always been a bit of a calculated rebel, so I didn’t heed her advice. Instead I started down a long path through academia that would eventually bring me here, to WordPress and the community that has become my tribe.

I’m often asked how I started my WordPress business. I would love to tell you a story about how I did a ton of research, met with mentors, found advisors, wrote a perfect business plan, crafted an amazing marketing plan, and launched according to a timeline all neatly written out (and using a project management app, of course).

It wasn’t like that at all.

At the time I started my business I had worked in higher education for over twenty years as an administrator in five different colleges, universities, and trade schools. I had a bachelor of arts degree in Religion and Philosophy, classical training in vocal performance, an MBA (in marketing, e-commerce, and information systems management), and coursework completed toward a doctorate in higher education administration.

In June of 2013, I decided it was time to leave my job as an administrator in a local trade school. I hadn’t really been happy for a long while, and the timing was right financially for me to make a move. My plan was to take July off, use August to job search, then be employed by September.

Have you ever heard the phrase, “Men plan, God laughs”?

While it was still June, and within the two weeks’ notice I had given, I was afraid I might become bored. I thought I could make a little money doing some marketing, so I posted to my personal Facebook page that I would love to help out friends and family with social media or web design. The customers came out of the woodwork.

And just like that, I had a business.

I made many mistakes along the way, of course. I charged $300 for a website when I started ($500 for e-commerce). I paid my dues and learned the trade. I started attending WordPress meetups in Rochester. They were sporadic, at best, so when the organizer asked me if I would become the organizer, I jumped at the chance and got us on a regular schedule, with topics in advance and volunteer speakers.

From there it was just a matter of time before I would attend my first WordCamp (Buffalo, 2014). Since then I’ve attended more than thirty camps, organized six, mentored five, and spoken at twenty.

I love WordPress. But I love the people even more.

I don’t just love WordPress. I fell in love with WordPress. The ease of use. The total control. I love that there’s always more to learn. I love that I can teach others how to use it. I love the events. I love the collaboration. I love the people.

I don’t just have WordPress acquaintances. I have WordPress friends. I have a WordPress family.

The first site I ever logged into was created for my best friend and me. We had just started a nonprofit organization and her husband built us a website. He made the structure, but we had to add the content. He emailed us our logins. I remember logging in like I had mistakenly been given the key to the castle and wasn’t really supposed to use it. I was afraid to click links. I was afraid to click “publish” or “update.”

I thought for sure I’d kill the whole site. But I didn’t.

I wrote. I added classes. I added pages. I added posts. We added a membership component and soon I was navigating that like a sailor in well-known waters. I was a great WordPress user, but I still didn’t understand the connection between purchasing a domain and having a WordPress site, so I called my friend’s husband.

Rob and Christine had five kids and Christine worked evenings. When I asked Rob to teach me how to get from the domain purchase to having a site, a deal was struck: if I would cook dinner for their kids, he would teach me WordPress. I made spaghetti, purchased a domain and hosting, and I wrote 4 things down on a piece of paper:

  1. Download WordPress from wordpress.org.
  2. Upload WordPress through FTP.
  3. Edit wp-config file (don’t forget to change the salt keys)
  4. Don’t use “admin” as the account name.

The rest I (miraculously) remembered. That was eight years and over 300 WordPress installations ago.

Which all led me to where I am now.

Getting up the courage to speak at WordCamp about a year after I started building sites was scary. I felt like an imposter. I was sure I would be “found out,” but I really did “know my stuff.” People were very complimentary about my talk, so I applied to more camps. I met more people. My friends teased me that I wanted to know all the “A-Listers” in WordPress. Others teased that I wanted to BE an A-Lister. What I really wanted was to learn as much as I could, share what I knew, and build a network.

In 2017 I spoke at WordCamp Ottawa. It was there I built a connection with Jason Knill of GiveWP.com. I had used Give before, and I told him about how it worked for me. He asked if Give could write about the nonprofit site I had built to raise money to feed children in South Sudan. He interviewed me about it. At the end of our meeting I mentioned to Jason that “if you ever have an opening, I’d love to work for you.” Four and a half months later I started working full-time as the Head of Customer Success for Give.

What I love about my job.

In my role at Give I get to talk to people all over the world. I get to help them increase their fundraising, which in turn helps their organizations – most of which are nonprofits helping make the world a better place.

With our WP Business Reviews plugin I get to work with businesses that are hoping to grow and succeed – just like I did when I started my freelance business.

I get to build a team that helps us succeed by helping others succeed. I get to employ people locally in my small hometown outside of Rochester, NY.

I get to keep sharing my love of WordPress.

I continue to speak at WordCamps, mentor and teach locally, and organize my local WordPress Meetup and Technology Nonprofit Meetup. I love Slack, Facebook Groups, Facebook Messenger, and Twitter messages because they let me keep in touch with all of the wonderful people I meet in the community.

Mostly I love how WordPress has empowered me to do more and to be more.

I’ve spent most of my life trying to broaden my comfort zone.

As you can probably tell, I have a pretty large comfort zone. Actually, I can’t remember the last time I saw the border of my comfort zone, because it’s that big; but it wasn’t always so. When I was a child I had a comfort zone the size of a postage stamp. I had to stand in it on one toe, like an uncoordinated ballerina trying to learn to go en pointe and failing miserably. I was timid and shy. I was afraid of everything.

Then one day I decided to do something uncomfortable. I ran for 8th grade student council secretary. It didn’t occur to me that I might not win. I have no idea where that hubris came from. I figured, at that point, that I had just as good a chance as anybody else. I made posters. I gave a speech. And something amazing happened. I lost the election. I mean, I cataclysmically lost the election.

Most people wouldn’t think that losing an election was amazing, but it was. It was amazing because I learned that I could step outside of my comfort zone, lose, and survive. I could still breathe. Still be me. It had changed me and my perceptions of myself. After that, instead of a postage stamp-sized comfort zone, I could put my foot down on the whole envelope.

It didn’t end there.

What I learned is that comfort zones are like concentric circles. A step outside doesn’t just stretch the zone to fit that footstep. Instead, it increases it exponentially. Where before you had a three-foot circle, now you have a six-foot circle, then twelve feet, then twenty-four feet, then before you know it, you won’t be able to see the edge of your zone because it’s so big.

WordPress helped me with that, too.

Instead of feeling like an imposter, the WordPress community embraced me and gave me the validation I needed to feel like I belonged. People were receptive to my ideas. Some wanted to teach me. Some wanted to learn from me. Some wanted to work with me. People hired me. Others asked my opinion or for help. I belonged. I had a tribe.

I will continue to contribute to, support, learn from and grow with WordPress. I love it here. I love my tribe.

I hope you find your tribe, too.

The post I Found My Tribe appeared first on HeroPress.

by Michelle Ames at May 15, 2019 12:00 PM

May 14, 2019

WPTavern: WPWeekly Episode 352 – Capital P Dangit and My Future Plans

*Update* The previous mp3 attached to this post inadvertently ended around the 31 minute mark. I’ve reuploaded the episode and corrected the problem. The full episode is attached below.

In this episode, John James Jacoby and I share what’s new in WordPress 5.2, discuss why not capitalizing one letter can make or break someone in the WordPress community, and what’s new in Jetpack 7.3. We also highlight the highly anticipated release of Advanced Custom Fields 5.8.0.

Near the end of the show, I describe what I’ve been going through the last few months and what you can expect from me going forward. In short, a variety of audio content.

Stories Discussed:

WordPress 5.2 “Jaco” Released, Includes Fatal PHP Error Protection and A Recovery Mode

Registration for WordSesh 6 Is Now Open

New Membership Block Coming to Jetpack, Site Health and Debug Info Added to Version 7.3

Advanced Custom Fields 5.8.0 Introduces ACF Blocks: A PHP Framework for Creating Gutenberg Blocks

WPTracSearch: An Elasticsearch-Powered Search Interface for WordPress Trac Tickets


Transcript of EPISODE 352 – WordPress Weekly

WPWeekly Meta:

Next Episode: Wednesday, May 22nd 3:00 P.M. Eastern

Subscribe to WordPress Weekly via Itunes

Subscribe to WordPress Weekly via RSS

Subscribe to WordPress Weekly via Stitcher Radio

Subscribe to WordPress Weekly via Google Play

Listen To Episode #352:

by Jeff Chandler at May 14, 2019 09:47 PM under wptracsearch

WPTavern: Bear App Adds WordPress Publishing Integration for iOS

For several years, Bear App users have eagerly requested the ability to publish their notes to WordPress. Bear features a zen writing experience blended seamlessly with note-taking capabilities, a combination that landed the app an Apple Design Award in 2017.

People use Bear for everything from taking notes to writing chapters for books. Many users also rely on the app for writing drafts for blogs they plan to publish on other platforms. This often requires multiple steps for copying and pasting content, especially when there is media or HTML included in the content.

Two years ago, the app’s creators had WordPress publishing on their to-do list but it wasn’t yet a priority. They were reluctant to implement their own publishing tool with the WordPress APIs and preferred a solution that would rely on external apps.

Things have changed in the past couple of years, as writing apps have more pressure to provide a frictionless connection to publishing capabilities in order to remain competitive. WordPress’ market share has grown to be an estimated 33% of the the top 10 million websites. In fact, Bear recently moved its blog off of Medium and over to WordPress in February 2019.

This week WordPress.com, maintainers of the open source WordPress mobile apps, and Bear announced that they have collaborated on a solution that allows users to publish notes to WordPress blogs on iOS. Recent updates to both Bear and WordPress apps enable users to click the share icon on a note and see WordPress pop up as an option. The content is shared with all of its formatting, headings, lists, links, and media in tact.

Bear screen recording

The developers at Shiny Frog, makers of the Bear app, explained the solution they landed on for the WordPress integration:

We built an open source library for processing TextBundle files. TextBundle is an open standard for sharing plain text files that include attachments like photos. WordPress then worked to add TextBundle support to its iOS app. Bear hands your note off to WordPress as a TextBundle file, and WordPress converts it into a blog post.

Using an open standard like this allows other other developers to build on top of it to create their own integrations for other platforms. It also keeps the Bear app team from having to stay up to date with all the changes to APIs of multiple platforms.

The new WordPress publishing integration works with any site you have in the WordPress mobile app for iOS, including both self-hosted and WordPress.com sites. Notes must begin with an H1 tag in order to have the blog post title automatically populated. Bear App users can start publishing to WordPress immediately after updating both apps to the latest versions released this week.

by Sarah Gooding at May 14, 2019 08:20 PM under bear

Akismet: Version 4.1.2 of the Akismet WordPress Plugin is Now Available

Version 4.1.2 of the Akismet plugin for WordPress is now available. It contains the following changes:

  • We’ve reduced the number of API requests made by the plugin when attempting to verify the API key.
  • We’re now including additional data in the pingback pre-check API request to help make stats more accurate.
  • We fixed a bug that was enabling the “Check for Spam” button when no comments were eligible to be checked.
  • We’ve improved Akismet’s AMP compatibility.

To upgrade, visit the Updates page of your WordPress dashboard and follow the instructions. If you need to download the plugin zip file directly, links to all versions are available in the WordPress plugins directory.

by Christopher Finke at May 14, 2019 03:06 PM under WordPress

WPTavern: The Most Common WordPress Theme Development Mistakes (and How to Fix Them)

Submitting a theme to the WordPress.org theme directory is a great way to share your work and contribute to the WordPress community. Currently, there are over 7000 themes in the directory, the most popular of which exceeds 300,000 active installations. (Not including Twenty____ Themes which are packaged with WordPress and have install counts in the millions.)

Before submitting your theme to the directory, it’s important to understand the review process first because if your theme doesn’t meet those requirements it can be rejected on the spot.

Themes that have 3 or more distinct issues may be closed as not-approved. However, theme authors may resubmit the theme once they’ve corrected the issues.


Reviewers are on your side and want to see your theme go live, once it meets the standards required. If your theme has only minor issues preventing it being included in the directory, your reviewer will work with you to fix those.

Unfortunately, if your theme has too many issues it will be closed as not-approved. If you decide to fix the issues you can upload the theme again – but it will join the back of the queue.

From my experience reviewing over 100 themes I’ve been able to identify the most common issues that prevent themes being approved. By sharing these with you in this article I’m hoping I can help you avoid getting stuck in the queue or rejected.

Uploading Your Theme

When you upload a theme, it joins the queue to be reviewed. On average it will take two months for your theme to reach the front of the queue and receive its first review. All reviewers are volunteers with limited time available to complete reviews. A variety of factors can affect the wait time. When more people volunteer to review themes, the queue moves quickly. Conversely, when themes with a lot of issues are submitted it slows down the queue.

By submitting a theme that meets all the requirements it makes the review process a lot smoother and ultimately your theme will be live sooner. In this guide, we are going to explore the most common issues that will keep your theme held up in the queue and prevent it from being approved.

Note: Theme authors that have a track record of submitting issue-free themes can apply to become ‘Trusted Authors‘.

Naming Issues

When you upload a theme, the first check that is performed is to see if the name is already taken. Frequently you will be told the name you’ve chosen is already taken, even if you can’t see a theme with that name in the directory.

How could that be? The reason is that the test isn’t checking against just the directory, it’s checking against the entire WordPress ecosystem. If a theme has been released anywhere (Github, ThemeForest, etc.) and has over 50 active installations, that name will be unavailable to use.

Note: if you’ve released your theme elsewhere and accumulated 50+ installations, you can still use that name in the directory.

Unescaped Output

Theme reviewers take security very seriously, there’s even a dedicated resource. An entire article could be written on writing secure themes, but in this section we are going to explore one aspect: escaping output.

Unescaped output places users of your theme at risk. Here’s an example of an unescaped value ($title):

$title = get_option( 'my_custom_title' );
echo '<h2>' . $title . '</h2>';

The problem with the above is that while we know what type of value $title should be, a string, we have not checked if that is the case.

If a hacker has managed to change the value of ‘my_custom_title’ in the database, your theme will output that value. This presents a huge risk as they could replace the intended output with inline Javascript:

    alert('This is dangerous'); 

The solution is to escape all output to ensure it only includes the type of data we are expecting.

Our example could be fixed like this:

$title = get_option( 'my_custom_title' );
echo '<h2>' . esc_html( $title ) . '</h2>';

The downside to using esc_html is that it strips all HTML tags. If $title included bold or italics, for example:

$title = 'This article is <strong>very</strong> useful';
echo esc_html( $title );

The word ‘very’ would not be bold on the frontend; instead it would output the code <strong>very</strong>.

This illustrates why it’s important to use the correct escaping functions for the context. If we were expecting some HTML in the output, we’d be better using wp_kses_post() or wp_kses() and setting the $allowed_html parameter.

Functions that output also need to be escaped:

<a href="<?php echo esc_url( get_permalink() ); ?>">

The exception is WordPress core functions that include ‘the_’ in their name, these are usually escaped already.

function the_permalink( $post = 0 ) {
     * Filters the display of the permalink for the current post.
     * @since 1.5.0
     * @since 4.4.0 Added the `$post` parameter.
     * @param string      $permalink The permalink for the current post.
     * @param int|WP_Post $post      Post ID, WP_Post object, or 0. Default 0.
    echo esc_url( apply_filters( 'the_permalink', get_permalink( $post ), $post ) );

Untranslatable Text

To be accepted into the directory all themes must be 100% ‘translation-ready’. That means each text string your theme outputs must be translatable.

WordPress already has the systems and functionality to handle the translation process, you just need to make sure your strings use the correct functions.

While simple to implement, this is often overlooked as it goes against the flow of how people write HTML.

Normally, you might do something like this:

<h1>404 - Not Found</h1>

To make it translatable, you need to add in some PHP:

// __ functions are the basis of localization.
<h1><?php echo __( '404', 'text-domain' ); ?>

// _e functions echo the value.
<h1><?php _e( '404', 'text-domain' ); ?>

// Escape and echo the string.
<h1><?php esc_html_e( '404', 'text-domain' ); ?>

// localization and variables.
<h1><?php _n( 'One post', '%s posts', $count, 'text-domain' ); ?>

Strings output by functions must also be translation ready:

// not translation-ready :-(
<?php next_posts_link( 'Older Entries' ); ?>

// translation-ready :-)
<?php next_posts_link( esc_html__( 'Older Entries', ‘text-domain’ ) ); ?>

Tip: A lot of code examples in codex.wordpress.org don’t use the translation functions, so be careful when copy and pasting those.

Incorrectly Enqueuing Resources

The .css and .js files your theme uses must be enqueued using the correct functions: wp_enqueue_style() for CSS and wp_enqueue_script() for Javascript.

A common error is to hardcode scripts and styles directly into the <head> or before </body>. There are two problems to this approach:

1. Impossible to remove

If a plugin needs to remove a resource you have loaded, it’s not possible. If you had used the proper enqueue functions it could be done like so:

 * Dequeue the theme javascript.
 * Hooked to the wp_enqueue_scripts action, with a late priority (100),
 * so that it is after the script was enqueued.
function wptavern_dequeue_script() {
   wp_dequeue_script( 'theme-scripts' );
add_action( 'wp_enqueue_scripts', 'wptavern_dequeue_script', 100 );

2. Duplicate Loading

If you enqueue a resource, jQuery for example, and a plugin also enqueues it, WordPress is smart enough to only load it once.

 * Enqueue jQuery
 * jQuery will only be loaded once, despite the two enqueues.
 * jQuery is packaged with WordPress so we don't need to specify a src. 
function wptavern_enqueue_script() {
   wp_enqueue_script( 'jquery' );
   wp_enqueue_script( 'jquery' );
add_action( 'wp_enqueue_scripts', 'wptavern_enqueue_script' );

If instead you had hardcoded jQuery into your <head> then there would be no way for WordPress to know, and it would be loaded twice.

Plugin-Territory Functionality

The scope of a theme should only handle the design and aesthetic of a website, all other functionality should be handled by WordPress itself or plugins.

In an attempt to add more value to their themes, theme authors often try to incorporate extra functionality, for example, SEO controls or custom post types.

The problem with bundling functionality into a theme is that the data is not portable. Take SEO controls as an example, if the user changes the theme, they lose all the work they did to optimize their pages. In contrast by using an SEO plugin, the data and functionality is independent of the theme and will be retained when changing the theme.

Some examples of plugin-territory functionality:

  • Analytics/Tracking
  • SEO controls
  • Contact Forms
  • Shortcodes
  • Gutenberg Blocks

Tip: If your code writes to the database, it is highly likely to be plugin territory. The exception would be design-related settings (sidebar position, colors, etc.).

Not Prefixing

Prefixing is a way of ensuring that your code doesn’t clash with code from plugins. Namespacing in PHP is a better way to achieve the same effect. However, some users are still using old versions of PHP (5.2) which don’t support that feature.

Justin Tadlock shared a list of common things that should be prefixed:

  • PHP function names.
  • PHP class names.
  • PHP global variables.
  • Action/Filter hooks.
  • Script handles.
  • Style handles.
  • Image size names.

Source: https://themereview.co/prefix-all-the-things/

// function example.

// class example.
class My_Prefix_Example { … }

// action and filter example.
do_action( 'my_prefix_action' );
apply_filters( 'my_prefix_filter', $values );

// enqueue examples.
wp_enqueue_script( 'my_prefix_script', get_template_directory_uri() . '/js/custom-script.js' );
wp_enqueue_style( 'my_prefix_style', get_template_directory_uri() . '/css/styles.css' );

// image size example.
add_image_size( 'my_prefix_image_size', 220, 180 ); // 220 pixels wide by 180 pixels tall.

Exception: When enqueuing third-party resources, don’t add a prefix:

 // enqueuing a third-party script (chosen.js).
 wp_enqueue_script( 'chosen', get_template_directory_uri() . '/js/chosen.js' );

Licensing Issues

Your theme and all of its files must be 100% GPL-compatible. This includes images, libraries, scripts, and fonts.

All third-party resources must list their source and license information.

This requirement can be particularly tricky as not all licenses are GPL-friendly. The Unsplash license only has one restriction:

“This license does not include the right to compile photos from Unsplash to replicate a similar or competing service.”

That one restriction, however, is enough to make it non-GPL-compatible, and as such, you won’t see Unsplash images included in wordpress.org themes.

A list of GPL-compatible licenses is available here – https://www.gnu.org/licenses/license-list.html#GPLCompatibleLicenses

Recently, stocksnap.io has been the most common source of images in the directory as all the images they list are licensed as CC0 (GPL-compatible).

Screenshot Mistakes

The requirements state that your screenshot should be an unedited representation of your theme that doesn’t look like an advertisement. That means no photoshop work, overlays, borders or fancy effects.

Images must also follow the same licensing requirements we explored above.

theme pictured: Blocksy

Bonus: Use a Coding Standard

Code that seems easy to read and understand for you, can be the complete opposite for a reviewer who only has 10-15 minutes to check your code.

While there is no requirement on coding standards, following one does make your code easier to read, understand and maintain. I personally use and recommend the ‘WordPress Coding Standards‘, though there are others.

Using PHP_CodeSniffer and the WordPress ruleset in your code editor can make adhering to a standard a lot easier – https://github.com/WordPress-Coding-Standards/WordPress-Coding-Standards


The Theme Requirements are created with the end user in mind. Avoid making the common mistakes I’ve listed above and your theme will be approved in no time. If you would like to experience the review process from the other side, you can even become a reviewer.

by Danny Cooper at May 14, 2019 02:56 PM under News

WPTavern: Pressing Topics – Episode 1

Pressing Topics is a daily podcast hosted by Malcolm Peralty and myself. We discuss the news that’s making headlines in the WordPress ecosystem as well as related topics that catch our eyes. Generally speaking, if you listen to this show on a daily basis, you should have a good idea on what’s going on in the WordPress community.

Pressing Topics is different from WordPress Weekly as we’ll rarely interview guests, go in-depth on specific subjects, and the show’s length is greatly reduced. Today’s episode is 26 minutes long and most episodes will be shorter than that.

In our first episode, we discuss the balancing act of user self sufficiency, a new empowerwoment project at Yoast, why countdown timers on event sites are impractical, and WPMU Dev ending development for more than 90% of their plugins.

We also talk about the success of WordPress Translation day 4, and inform listeners of multiple security vulnerabilities discovered in the WordPress Ultimate Member plugin.

I’ll submit the podcast to iTunes in the next few days to provide more convenient options of subscribing. Please listen to episode one and let us know what you think.

Stories Discussed:

User Self Sufficiency

Empowerwoment project at Yoast

Conference Websites – Please don’t use countdown timers

WPMUDEV Shutting Down Development on Many Plugins

WPMU Pro Sites Plugin Migration Option with WP Ultimo

WordPress Translation Day 4 Successfully Hosts 77 Local Events in 35 Countries, Recruits 183 New Translators

Multiple Vulnerabilities in the WordPress Ultimate Member Plugin

The transcript is in Rich-Text format. You can download the show or listen to it via the embedded audio player below.

Listen to Pressing Topics Episode 1

by Jeff Chandler at May 14, 2019 08:24 AM under yoast

May 13, 2019

WPTavern: WordPress Translation Day 4 Successfully Hosts 77 Local Events in 35 Countries, Recruits 183 New Translators

WordPress Translation Day 4 was held over the weekend. The 24-hour global event hosted 77 local events in 35 countries and the Polyglots team added 183 new contributors to their ranks. The team also designated 12 new GTEs (Global Translation Editor) and 14 PTEs (Project Translation Editor).

Naoko Takano, a Polyglots Team Global Mentor and Japanese GTE, gave an introduction to the event from Tokyo for the livestream. In her presentation she shared some stats on the state of WordPress translation. WordPress is currently available in 201 locales with 614 GTEs, 3,086 PTEs, and 32,585 contributors. The majority of WordPress installs are in locales other than US English, representing an estimated 18% of the web.

Takano also highlighted the top locales installed:

  • Japanese: 5.9%
  • German: 5.5%
  • Spanish: 5.0%
  • French: 3.8%
  • English (UK): 3.7%

Locales with most translation contributors include Spanish (2,863), German (2,399), Italian (2,190), Dutch (1,584), and Russian (1,515). These stats show that WordPress still has tremendous opportunity for growth among top world languages with the most native speakers, such as Chinese dialects, Hindi, Aarabic, Bengali, and Portugese.

Translation Day 4 hosted more local events than previous years with participants in Africa, Asia, Europe, North America, South America and Oceania. Some of these events projected the livestream, online talks, and tweets, enabling attendees to follow along with other participants across the globe.

Energetic groups of Polyglots gathered together to make WordPress more accessible in their languages. Their goals included the following:

  • Increase the number of PTEs
  • Increase the number of mentors
  • Translate the top 200 plugins and themes
  • Curate Polyglot assets: glossary and rules
  • Improve the Translate page on Rosetta

Bhutan Hosts Its First Meetup in Thimphu for WordPress Translation Day

Some of the newly initiated Polyglots contributors came from Bhutan where the country’s first WordPress meetup was hosted in Thimphu this past weekend. Organizer Ugyen Dorji gathered local developers, designers, and publishers for WordPress Translation Day, adding more contributor to the Dzongkha locale, the national language of Bhutan. The group now has 26 members.

Dorji invited a speaker for the meetup, Tenzin Namgyel, an ICT officer from the Dzongkha Development Commission who is also the locale manager and GTE for Dzongkha. He explained the basics of translating WordPress and the attendees participated in Translation Day via the livestream.

Dorji is passionate about completing the Dzongkha translation, encouraging Dzongkha bloggers, and improving local government websites. Many local government websites, such as the Dzongkha Development Commission, rely on WordPress. As the organizer of the fledgling meetup, Dorji is full of ideas for growing the Bhutanese WordPress community.

“My next plan is to visit the language university and teach them to blog in Dzongkha using WordPress,” he said. “We have plans to gather a group of active Bhutanese WordPress bloggers and host panel talks. WordCamp Thimphu is my goal – to reach and invite more WordPress experts as speakers of the main event and help Bhutanese to grow their careers with WordPress.”

In addition to launching a new WordPress community in Bhutan, participants in the Translation Day event translated thousands of strings and helped new teams make progress towards launching packages for WordPress 5.2. Some of the most popular plugins and themes are now more accessible to the global WordPress user base, thanks to contributions inspired by the virtual event.

Events like this are a reminder of just far-reaching WordPress’ influence is across cultures. The Polyglots team is made up of a diverse and remarkably collaborative community of volunteers. Check out a few of the translation teams below that checked in from around the world with pictures on Twitter.

by Sarah Gooding at May 13, 2019 10:35 PM under Global WordPress Translation Day

May 10, 2019

WPTavern: WPTracSearch: An Elasticsearch-Powered Search Interface for WordPress Trac Tickets

WordPress Trac is one of the more utilitarian and uninspiring interfaces that many contributors have to contend with in the process of giving back to the project. After growing tired of Trac’s mediocre search functionality, William Earnhardt set out to improve it with a new project called WPTracSearch that gave him an opportunity to play around with Elasticsearch and React.

WPTracSearch provides an alternative Elasticsearch-powered interface for searching WordPress Trac tickets. It performs a full text search of all of the fields, delivering more accurate results, even for basic queries, thanks to Elasticsearch’s relevance ranking. The results can be easily filtered based on milestone, component, focuses, usernames, and more criteria, making it easier to find specific tickets.

The search interface also supports fuzzy matching, adding to its ability to deliver more relevant results. Even if a term is misspelled (either in the search or the ticket) it will still yield results, as in the example below:

Earnhardt is a WordPress core contributor and a developer at Bluehost. His core team has the discretion to work on whatever they want for WordPress core and the community.

“This fit in nicely with that, but was also just something fun to tinker with,” he said. “It started as a fun experiment with Elasticsearch last fall. I built an index on my local machine and played around with it but got busy with other stuff pre-5.0 push and it sort of fell by the wayside.

“Then early this year I had a few times come up where it would have been helpful, so I threw together an interface for it and got it online.”

If you want to use WPTracSearch but are not sure how current the ticket index is, Earnhardt said it’s nearly constantly in sync:

There is a PHP script that parses all the information about a ticket in Trac using the XMLRPC api and puts it into an Elasticsearch index. There is a bash script that runs on a cron every minute to find any tickets updated since the last run and then uses the PHP script to reindex them. So it stays pretty constantly in sync.

The project uses a React interface that relies on the Reactivesearch library to query the Elasticsearch index. Earnhardt also borrowed some code from Ryan McCue’s Not Trac to help with some of the UI that deals with parsing TracLinks and code blocks.

WPTracSearch is an evolving project and Earnhardt has lots of plans for improving it. The two highest priority items on his roadmap are indexing meta Trac and making a search UI for it. He also wants to make the individual tickets have navigable URLs instead of being modal pop up windows when you click on the summary in the search results.

“I do it that way because it’s a lot faster to stay in this interface than jumping back and forth to core.trac.wordpress.org when browsing tickets, but you can’t link directly to a ticket and forward/back doesn’t work,” Earnhardt said.

“You can also query the Elasticsearch index directly without using the React interface if you know Elasticsearch Query DSL. This allows pretty complex queries to be built. I’ve thought about creating some charts using that. It could help with the core triage team effort to better understand churn and progress toward bringing that open ticket count down. There are a lot of cool possibilities.”

WPTracSearch is available on GitHub if anyone wants to contribute ideas or code to improve it.

by Sarah Gooding at May 10, 2019 09:42 PM under trac

WPTavern: Tips for Replying to A Call for Papers or A Call for Speakers

The following is a guest post written by Jennifer Bourn. With 21 years experience as a graphic designer, 15 years experience as a web designer, 14 years as a creative agency owner, and 11 years as a blogger, Jennifer Bourn has worked with hundreds of service-based businesses to build brands and establish profitable online platforms. She also co-organizes the Sacramento WordPress Meetup and WordCamp Sacramento.

After being the lead organizer for WordCamp Sacramento for two years, speaker wrangler for two years, managing the program for a year, and speaking at several WordCamps and non-WordPress related conferences myself, I have seen a lot of amazing and a lot of awful speaker submissions. Some speaker submissions have been from people I know personally — people I want to choose and say yes to — but ultimately couldn’t because their submission was subpar.

It’s incredibly tough to both apply to speak and select speakers from applications.

With that in mind, I shared a Twitter thread yesterday with tips for replying to a Call for Papers or a Call for Speakers that will help you get your next talk submission accepted and it is summarized for your convenience below:

If your title is confusing, weird, unclear, too cutesy, or it feels like you put no effort into it, that will work against you. Organizers want talks attendees will be interested in and excited for. It must be easy to understand what the talk is about based on the title alone.

If your talk description is all about you, is only one sentence long, is sarcastic/unprofessional, isn’t aligned with the event focus/theme, or it’s totally self-serving, you should rethink things. Your talk isn’t about you, it’s about helping attendees expand their knowledge and move the needle and helping organizers host a successful event.

It is never ever a good idea to disparage or put down a person, job, tool, piece of software, or anyone/anything to make your point or make your topic interesting. If the only way you can communicate your point is through negativity, reconsider the topic. Being controversial may have been a draw in years past, but now it’s a risk most organizers aren’t willing to take.

Consider that someone else (or several people) may submit a talk on the exact same subject. Your title and description need to convince organizers why your submission should be picked over the other person’s submission.

Consider that if you submit multiple talks, none of them may be selected if your titles aren’t interesting and your descriptions are not descriptive. It must be clear what the talk is about and what the takeaways are, and how this talk will benefit the attendees.

Always think about how you can make the organizers’ or event planners’ jobs easier and follow instructions. For example, if they ask for bios in third-person, provide your bio in third-person. If they ask for full name, provide your full name.

Spell the name of the conference, software, industry, etc. correctly in your speaker application. Want to speak at a WordPress event? Double check that you’ve capitalized the P and proofread your submission.

Look at the topics requested by the event organizers. Submit talks on those topics and your chances of being selected will be higher because they are telling you what they want. Lists of preferred topics are usually included because that is what their local community has specifically requested.

Don’t submit the same talk you’ve submitted 10 times to other events. Put in some effort. Look at the event theme and submit something that relates to it or customize the talk title/description to include the theme.

Look at the past event schedules, agenda, or programs. Look at the types of talks they accept. For example, if a WordCamp has only had 2-3 business related talks in the past four years, it might be a sign they aren’t looking for business talks and want talks focused more on using WordPress.

Look at the topics the event has already covered in previous years. Then find the gap and find something they haven’t already heard or done.

Steer clear of the marketing hype. Avoid topics related to killing it, hustling, crushing, and dominating. Don’t refer to yourself as a guru or a thought leader (that’s only cool when other people say it about you). Avoid negativity, sarcasm, and assumptions about the audience.

If organizers ask how or why you’re qualified to talk on the topic being submitted:

  • It’s okay to be new/just learning — fresh voices are awesome.
  • Don’t just copy and paste your bio into the field. They already have your bio and that’s not what they meant or what they want.

Never assume the people reviewing your application are experts on your talk topic or have the same technical background you do.

Avoid submitting a talk that is all about one piece of software — i.e. one plugin — especially if the software is premium and requires an investment. An entire session dedicated to a paid plugin 1) excludes those who have not purchased it or cannot purchase it and 2) will apply to few attendees. Instead, consider a compare/contrast presentation that covers both free and paid options or a talk that introduces attendees to multiple options.

It’s okay to submit opinion pieces as talks, but be careful to NOT position your opinion or approach as the only one or the right one, when there are other options. Often there isn’t one right way (unless it’s technical and there is one right way).

If the submission form asks what skill level audience your talk is the best fit — Beginner, Intermediate, or Advanced — don’t pick them all. That isn’t helpful. The same is true if they ask who your talk is aimed at — designers, developers, or users, etc.

Organizers for events like WordCamps need to satisfy a diverse audience. The attendee makeup often ranges from those who make a living with WordPress all the way to newbies who just learned what WordPress is a few days ago, so talks at and for every skill level are needed and valued. Don’t skip applying because you think your talk isn’t advanced enough.

If there is a ‘notes to the organizer’ field in the talk submission form, communicate that you’re open to suggestions or making tweaks to the talk focus to ensure it’s a great fit for their audience. Often a talk being reviewed is close to what they want, but it needs a small tweak to be selected.

If something funky happened when you hit submit, don’t be afraid to submit your talk again. Organizers would rather have duplicate submissions than miss your submission. Also, it’s okay to reach out to confirm your submission was received.

Don’t skip applying to speak because you don’t think you know enough yet or don’t have enough experience yet. Everyone has value to contribute and fresh perspectives are always appreciated. Plus, there are people who just discovered or figured out the thing you want to talk about exists — I guarantee you can help them.

Behind the scenes organizers work hard to create a diverse lineup of speakers that provides representation for everyone in the community. Organizers can ask, beg, plead, and do loads of outreach, but ultimately, they are limited by who is willing to apply and/or who is willing to accept an invite to speak. So please say yes and apply.

When organizers make the offer to help you brainstorm talk ideas, craft a talk title/description, and even create your slide deck or watch your practice, say yes. Take them up on the offer. Asking for help doesn’t make you any less awesome. There are a lot of people who are incredibly talented and smart with great value to share but find it difficult to put what they know into a talk format. If that’s you, you’re not alone and there are people who want to help.

Interested in trying your hand at speaking for the first time?

Every event has limited space. When securing rooms for multi-track events and planning the schedule, organizers need to be able to split attendees across the different rooms/tracks. This means they need competing talks in each track that will be a draw and attract attendees. No one wants one full room and one empty room. No one.

If you don’t get selected, don’t get down on yourself. Often the selection choice has nothing to do with you and is simply a matter of many submissions on the same topic(s), needing to balance topics across disciplines to serve the range of attendees or skill sets, and looking for more diverse representation in the speaker lineup.

If the event is local to you, always apply. Many times event/conference organizers want to fill the speaking spots (or at least half of them) with local people from their community or region and you’ll have a leg up on the out-of-towners. Similarly, if there is a meetup group in the area tied to the event/conference, go to the meetup and get to know the organizers and other attendees.

New to a subject/topic? Just learning it? No problem! Consider submitting a talk reviewing your experience as a new user. Share surprises and obstacles encountered, lessons learned, and suggestions for improvement. This can be hugely valuable for advanced users who tend to what new users deal with and it can provide a different perspective and voice.

Want to learn a topic better? There’s no better way than to teach others about it. Submit the talk, do the work to learn it, and teach everything you’ve learned so far. For example, if you want to build a membership site, submit a talk on how to choose a membership plugin, document your research in finding the right plugin, and share what plugins you reviewed, what criteria you used for evaluation, what you discovered (pros/cons), and which you ended up choosing.

Never underestimate the power of awareness. Consider pitching a talk that presents options to expand attendees awareness of what is available or possible and gives them a starting place to research things on their own.

by Jeff Chandler at May 10, 2019 06:32 PM under wordcamps

WPTavern: Storefront 2.5.0 Introduces a Custom, Block-Based Homepage

Storefront, WooCommerce’s free flagship theme, has just released version 2.5.0 with updates that make it easier to setup and customize the homepage.

In 2017, WooCommerce 2.2 introduced starter content to help users set up the homepage template, menus, widgets, and add some demo products. This content has been updated to incorporate the WooCommerce blocks that were rolled into the plugin’s 3.6 release. It also adds support for the new cover block, which enables users to place headings, paragraphs, and buttons inside the block.

These changes essentially create a custom, editable homepage with all the flexibility of blocks, giving users more control than the previous custom homepage template approach. The old homepage (template-homepage.php) has now been retired.

Storefront is active on more than 200,000 stores. Many of these sites already have their homepages set, but the new block-based homepage makes it easier to set up a new store or make changes to existing homepage designs without having to use custom code or a plugin.

Version 2.5 is a minor release but still requires testing before updating, as some users have already reported a few discrepancies with how the “full width” template is displayed. Previewing the update in a staging environment will ensure there are no surprises on update.

by Sarah Gooding at May 10, 2019 03:59 PM under woocommerce

WordPress.org blog: Tomorrow is WordPress Translation Day 4

The fourth edition of WordPress translation day is coming up on Saturday 11 May 2019: tomorrow! Get ready for a 24-hour, global marathon dedicated to localizing the WordPress platform and ecosystem. This event takes place both online and in physical locations across the world, so you can join no matter where you are!

The WordPress Polyglots Team has a mission to translate and make available the software’s features into as many languages as possible. As WordPress powers more than 33% of websites, people from across the world use it in their daily life. That means there is a lot that needs translating, and into many different languages.

On 11 May 2019, from 00:00 UTC until 23:59 UTC, WordPress Translation Day aims to celebrate the thousands of volunteers who contribute to translation and internalization. The event is also an opportunity for encouraging more people to get involved and help increase the availability of themes and plugins in different languages.

“At the time of the last event in 2017, WordPress was being translated into 178 languages, we have now reached the 200 mark!”


What happens on WordPress Translation Day?

There are a number of local meetings all over the world, as well as online talks by people from the WordPress community. More than 700 people from around the world took part in past WordPress Translation Days, and everyone welcome to join in this time around!

Everyone is welcome to join the event to help translate and localize WordPress, no matter their level of experience. A lot is happening on the day, so join in and you will learn how to through online sessions!

What can you expect?

  • Live online training: Tutorials in different languages focused on translation and localization, or l10n, of WordPress. These are streamed in multiple languages
  • Localization sessions: General instruction and specifics for particular areas and languages. These sessions are streamed in multiple languages.
  • Internalization sessions: Tutorials about optimizing the code to ease localization processes, also called internationalization or i18n. These sessions are streamed in English.
  • Local events: Polyglot contributors will gather around the world for socializing, discussing, and translating together.
  • Remote events: Translation teams that cannot gather physically, will connect remotely. They will be available for training, mentoring, and supporting new contributors. They will also engage in “translating marathons”, in which existing teams translate as many strings as they can!

A number of experienced WordPress translators and internationalization experts are part of the line-up for the livestream, joined by some first time contributors.

Whether you have or haven’t contributed to the Polyglots before, you can join in for WordPress Translation Day. Learn more about both local and online events and stay updated through the website and social media.

by Joost de Valk at May 10, 2019 09:17 AM under Events

May 09, 2019

WPTavern: Advanced Custom Fields 5.8.0 Introduces ACF Blocks: A PHP Framework for Creating Gutenberg Blocks

After six months in development, Advanced Custom Fields 5.8.0 was released yesterday with a new PHP-based framework for developing custom Gutenberg block types. ACF Blocks was announced in October 2018, to the great relief of many developers who didn’t know how they were going to keep pace with learning the JavaScript required to use WordPress’ Block API.

ACF’s creator, Elliot Condon, was one of the more vocal critics of Gutenberg leading up to its inclusion in WordPress 5.0. Developers were concerned about whether or not their custom metaboxes generated by ACF would still be compatible. The ACF team worked to ensure the plugin was integrated into the Gutenberg UI as much as possible and surprised users by announcing an acf_register_block() function that would allow developers to use PHP to create custom blocks.

The new ACF Blocks add-on is built on top of Advanced Custom Fields Pro and does not require any JavaScript knowledge. It integrates with custom fields so developers can create custom solutions. ACF blocks are rendered using a PHP template file or a callback function that allows full control of the output HTML and live previews while editing the blocks. They also maintain native compatibility with WordPress core, meaning that all Gutenberg features like “alignment” and “re-usable blocks” work as expected.

Early feedback indicates that ACF Blocks has made custom Gutenberg development more approachable for developers who are not as well-versed in React, significantly speeding up the creation of custom blocks.

This is one example of how the WordPress product ecosystem continues to evolve to support developers in the transition to a more JavaScript-powered WordPress.

ACF Blocks also launched with a suite of nine ready-to-use bocks available as a plugin from the new acfblocks.com website. These include commonly-requested functionality for client sites, such as testimonial, team, multi-button, star-rating, pricing list, and click-to-tweet, with more on the way.

by Sarah Gooding at May 09, 2019 06:14 PM under gutenberg

WPTavern: WPWeekly Episode 351 – Results of the Gutenberg Accessibility Audit

In this episode, John James Jacoby and I are joined by Rachel Cherry, Freelance software engineer, consultant, and director of WPCampus and Brian DeConinck, a front-end designer and developer with the OIT Design and Web Services team, part of the Office of Information Technology at NC State University.

We learn how Tenon was chosen as the vendor to perform the audit and what conditions needed to be met. We then dissected the results of the Gutenberg Accessibility Audit conducted by Tenon. We discuss the state of Gutenberg’s accessibility, recommendations for those in Higher Education environments, and where Gutenberg development might go from here.



WPWeekly Meta:

Next Episode: Wednesday, May 15th 3:00 P.M. Eastern

Subscribe to WordPress Weekly via Itunes

Subscribe to WordPress Weekly via RSS

Subscribe to WordPress Weekly via Stitcher Radio

Subscribe to WordPress Weekly via Google Play

Listen To Episode #351:

by Jeff Chandler at May 09, 2019 12:52 AM under tenon

May 08, 2019

WPTavern: WordPress Professionals: Take the Future of WordPress Careers Survey

Nevena Tomovic, a Business Developer at Human Made, is researching the most important skills for pursuing a career in WordPress. She is conducting a survey for professionals that is open to anyone working in a WordPress-related capacity, including writers, developers, marketers, UI & UX designers, illustrators, community drivers, evangelists, project managers, and creatives.

The survey takes less than five minutes to complete and the results will be shared at WordCamp Europe in Berlin and on nevena.blog. Tomovoic will be giving a presentation titled “Renaissance jobs in WordPress: Skills you need to survive the 21st-century career,” where she will elaborate on global trends related to the job landscape. She will also be speaking about how employers and managers can attract new talent through WordPress education.

In a recent post on her blog, Tomovic elaborated on the concept of “Renaissance jobs,” positions that use titles merging multiple skills into one role:

Renaissance jobs, also otherwise known as hybrid roles are a mishmash of more than one skill, a combination of expertise in more than one domain. You might have come across roles such as experience architect, user experience consultant, or even customer wrangler, all of these typically involve technical knowledge, excellent communication and management skills. All of these roles are a completely foreign concept for most of our parents. The 21st century has brought with it remote work, chief growth officers, and a globalized workforce among other things.

Tomovic’s survey data will identify what skills are most important in the WordPress job market right now. The survey does not collect any personal data and the raw data will be deleted after the results are published.

If you want to check out Tomovic’s talk in person, make sure to purchase a ticket to WordCamp Europe. The final batch of tickets has gone on sale and there are only 133 general admission tickets remaining.

by Sarah Gooding at May 08, 2019 11:24 PM under jobs

WPTavern: New Membership Block Coming to Jetpack, Site Health and Debug Info Added to Version 7.3

Jetpack 7.3 was released yesterday with changes that improve the “out of the box” experience. The plugin now enables fewer features on setup so users can have more control over what they activate on their sites.

The new version also integrates with WordPress 5.2’s new Site Health checks. It includes a status check and moves Jetpack’s legacy debug data to a section in the new “Site Health Info” tab. The initial status check isn’t very descriptive regarding critical errors, but these error messages can be improved in future iterations so users know how to get to a page with more information.

New Membership Block Now Available for Jetpack Beta Testers

Jetpack is getting ready to introduce a new Membership block that will essentially function like a recurring donation button using Stripe as the payment gateway.

Users will be able to set the currency, price, product name, and renewal interval directly within the block.

This release adds the new block behind the JETPACK_BETA_BLOCKS constant for users who are beta testing new blocks. Feedback from testers will be addressed in future pull requests. The PR merged into Jetpack 7.3 includes the following technical additions for the new Membership block:

  • Introduce endpoints that communicate with WP.COM
  • Whitelist certain options, CPTs and meta to store / sync data
  • Introduce Gutenberg block that uses these endpoints and provides UI to connect to Stripe, create and choose a product
  • Introduce a frontend of a block with the sole purpose of displaying a checkout window from WP.com in an iframe

In its current form, the use of the term “Membership” for the block might be a bit misleading for some users, depending on their expectations. Site owners usually expect more granular management of members, multiple membership tiers, customizable emails, various renewal options, content access, and more for managing memberships.

Unless Jetpack intends to make this the gateway to more robust membership capabilities, then “Recurring donation/payment button” might be a more accurate name for the block. However, it wouldn’t be surprising to see a more full-featured Membership module turn up as a SaaS product from WordPress.com, as opposed to everything getting packed into the plugin.

No release date has been announced for the membership block as it is still under active development and in the very early stages of beta testing.

Check out the full changelog to see all the enhancements and bug fixes in Jetpack 7.3.

by Sarah Gooding at May 08, 2019 05:57 PM under membership

WPTavern: WordPress 5.2 “Jaco” Released, Includes Fatal PHP Error Protection and A Recovery Mode

WordPress 5.2 “Jaco” named after bassist Jaco Pastorius, is now available for download. Normally, I’d start listing new features but I’m going to do something a little different this time.

Let’s begin by recognizing the 327 people who contributed to this release with 109 of those being first time contributors. It was led by Matt Mullenweg, Josepha Haden Chomphosy, and Gary Pendergast. Included in the list is Alex (Viper007Bond) Mills who passed away from Leukemia earlier this year.

Screenshot taken by Brandon Kraft

Mills still has a few uncommitted patches in Trac so it’s possible he’ll end up on the list of contributors in future releases.

Minimum PHP Version Required to Run WordPress 5.2 Is Now 5.6.20

WordPress 5.2 bumps up the minimum PHP version required to 5.6.20. If you’re using an older version, you’ll need to update PHP before upgrading to WordPress 5.2. Updating PHP to version 7.3 or above is recommended.

Additional Improvements to Site Health Check

In WordPress 5.1, Site Health Check features were added to inform users of outdated PHP versions. WordPress 5.2 builds on this foundation by adding two new pages that help debug common configuration issues. Users can find the Site Health section in the WordPress backend by browsing to Tools > Site Health.

Site Health Check Test Results

Browsing to the Site Health page triggers a series of tests. When the tests are performed, errors and recommended improvements are displayed on the results page. There’s also a an Information tab that displays every detail about the configuration of your site.

Site Health Check Detailed Information

Theme and Plugin authors can add their own tests and modify or remove existing ones with filters.

Fatal Error Protection

Instead of seeing the dreaded “white screen of death,” WordPress 5.2 includes fatal PHP error protection. When a fatal error is detected, a user-facing error message is displayed and an email is sent to the administrator’s email address.

The email includes a link to a new feature called “recovery mode.” While in recovery mode, plugins and themes that are causing fatal errors are put into a paused state to ensure administrators can work around the errors and access the backend normally.

In addition to being informed about which themes or plugins are causing fatal errors, administrators have at least three options to fix the issue.

  • Administrators can deactivate the theme or plugin to maintain a working version of the site.
  • Administrators can fix the problem if they have the technical capabilities, and afterwards reactivate the theme or plugin.
  • Administrators can file a support request with the developer, pointing out the error.

Administrators can exit recovery mode by pressing a button in the admin bar. A few examples on how developers can utilize this feature can be found here.

WordPress 5.2 also includes accessibility improvements, thirteen new dashboard icons, plugin compatibility checks, and an variety of changes to the block editor. In addition, the Privacy Policy page includes four new helpers that make customizing and designing the page easier.

To learn more about the features in WordPress 5.2 and how to extend or work with them, check out the WordPress 5.2 Field Guide.

by Jeff Chandler at May 08, 2019 05:16 PM under WordPress 5.2

HeroPress: Broadening My Horizons Through WordPress

Pull Quote: I was scared that if I failed to learn what I need to know, I'd be left in the dust.

I’ve been a web designer since 1996. In some ways, it’s hard for me to fathom. Those were the days of Netscape Navigator and table-based page layouts. I wrote every bit of HTML by hand on a seriously-underpowered computer and a tiny monitor. Definitely a far cry from where we are today.

I was completely self-taught and learned by doing. When I landed my first job as a full-time “webmaster” at my local newspaper, I didn’t even know what Photoshop was (I had been using Microsoft Paint for graphics – feel free to laugh).

Looking back, I know that I wasn’t a very good designer in those days – but that didn’t matter. I felt lucky to be on the ground floor of an industry that was poised to change the world.

An Early Start

As an 18-year-old, I was often the youngest person in the office. Sometimes, that led to not being taken seriously by those in charge. Still, I did have a few mentors at the paper who were more than generous with their friendship and advice. It was my first taste of the “real world” – a lesson I sorely needed.

At the same time, I realized that I wasn’t going to stay there forever. The pay wasn’t very good and the hours weren’t my cup of tea. Most of all, I just felt that I could do better. Just over a year in, I left.

From there, I spent the next couple of years in various corporate settings – none of which felt very fulfilling. My existence was very much that of a worker bee. Sure, this is what happens when you’re just starting out – but I was too dense to see it that way.

Again, I had a feeling that there was something else out there for me. But there didn’t seem to be a path to further my career, unless I took it upon myself to do so.

So, in 1999 I went all-in as a freelancer working from home. While I’ve gone through a few different places to call home in the years since, I’m still here – thanks in great part to WordPress.

But before I found both the software and community that would change my trajectory, I had to go through some ups and downs.

Hitting a Wall

Starting my own business at 21 was at once frightening and gratifying. I booked a few steady clients early on, and that provided a much-needed boost in confidence (and revenue). Yet there was also a tremendous amount of responsibility that I wasn’t prepared for. It was another real-world lesson and I had to mature in a hurry.

As for technology, I upgraded my computer, but not necessarily my approach. The first several years were still ruled by building static HTML sites. And as clients started asking for more complex features such as ecommerce, I realized something about myself: I was incredibly afraid of what I didn’t know.

This feeling would haunt me much more than I could have anticipated. It was like a massive weight on my shoulders. As long as work kept me in my comfort zone, I was fine. But anything outside of that brought out my anxiety.

Sure, I had achieved some level of success at a young age (with a hobby site even going viral). I had plenty of work, I even moved out of my parent’s house. But I also feared the unknown. I hadn’t been a very good student in high school and had zero confidence in my ability to learn something more advanced.

At the same time, that fear was joined by a great deal of frustration. I started struggling to build larger sites using those same tired methods. And maintaining them was even worse.

In all, I was stressed out and felt stuck in a dead end. The passion I once had for design and code had vanished. I was in desperate need of a new direction.

A Glimmer of Light

It’s amazing how, just when things feel their darkest, a little bit of light shows up and sparks something in you. For me, WordPress was like a tiny matchstick in a pitch-black cave.

Somewhere around 2005, I installed an early version of WordPress as a playful experiment. At the time, I saw other content management systems starting to pop up, but wasn’t really impressed. Frankly, the sites running them all looked the same.

But tearing apart a WordPress theme was different. I knew nothing about PHP, but found that the templates were pretty easy to follow. I liked that I could make design changes without too much trouble. Even if I broke something, I was (usually) able to bring things back to their previous state.

Still, I wasn’t ready or willing to abandon my old-school techniques for building sites just yet (I even jettisoned the CSS layouts from my theme and replaced them with tables). WordPress was something I used on the periphery. I created a few simple blogs for clients, but hadn’t really thought of using it for anything more.

In fact, it would be a few more years until I was finally ready to make a change.

A New Beginning

2010 was a banner year in my career. It was the year where I, inspired by my wife and newborn daughter, started to really confront my fears. I had grown completely tired of the way I had been doing things. This was the year I became convinced that WordPress was the game-changer I needed.

As the software matured, more developers started using it to run entire sites – not just traditional blogs. I was very much intrigued, even excited, about the possibility of what I could achieve in terms of both design and functionality.

So, I convinced one of my agency clients to let me try using WordPress on a project. Things went well enough that we decided to start using it more often. And, for me, it was like that little matchstick in the dark cave turned into a huge beacon.

The more I used WordPress, the more curious I became about what else it could do. I found myself not only being unafraid to learn, but actually motivated to do so.

By the next year, I had moved almost exclusively to WordPress. That led to another watershed moment: Attending my first WordCamp.

Discovering That I Wasn’t Alone

Visiting WordCamp Philadelphia 2011 was an eye-opening experience. This was not the buttoned-down, corporate atmosphere that brought me discomfort years earlier. Instead, I found a casual, welcoming vibe that made me feel like I belonged.

The crowd was diverse in just about every way imaginable. And I met people who were all over the map when it came to knowledge of WordPress. Some were complete newbies, others were experts. But regardless of their skill level or experience, they all gathered in the same place. It struck me that I was now a part of something unique.

This burgeoning community, coupled with great software, had all of the sudden put me on a path that I never imagined possible. It made me want to learn all that I could and be a part of something bigger than myself.

Before too long, I discovered a confidence I never felt before. I was not only building better websites than I ever had, I was also eager to be a part of the WordPress community. And, despite being a bit shy, I even spoke at WordCamp Baltimore in 2012.

I felt like anything was possible.

Opportunity Knocks

As my experience with both WordPress and its community has grown, it has opened up some amazing opportunities. For one, it gave me the courage to try and fulfill another lifelong dream: to become a writer.

I started off by submitting an article to Speckyboy Web Design Magazine, not really knowing what to expect. When it was published, I was incredibly excited. So, I kept on writing. And each time, site editor Paul Andrew kept on publishing my work.

Even more mind-boggling is that, eventually, this led to a regular role with the site. I’ve published hundreds of articles and have enjoyed every minute of it. And more writing gigs have followed. My topic of choice? WordPress, of course!

When it comes to my design business, I’m no longer afraid to push those boundaries. I’ve built and maintained hundreds of WordPress sites that run the gamut in terms of size and functionality. Yes, including the formerly fear-inducing ecommerce.

But I know that, without the confidence boost I received by working with WordPress, none of this would have been possible. I am beyond grateful, and so glad that I found it at a pivotal time in my life.

What I’ve Learned

So, what does this all mean? I’ve given it a lot of thought.

There are still days when I’m overwhelmed and stressed out. But even then, I tell myself how I lucky I am to do what I do each day. And somehow, I have maintained a passion for my work that I think is here to stay.

But the biggest lesson I’ve learned, and the thing I’d like to share with you, is to give yourself a chance to learn and grow. Sometimes, the unknown can be scary – I get it. I was so afraid of the fact that I wasn’t formally trained and that I didn’t have the knowledge I needed to go further. I was scared that if I failed to learn what I needed to know that I’d be left in the dust.

Yet, that’s the amazing thing about WordPress and web design in general. There are so many great resources out there you can learn from. And there is a community out there who is willing to help and share what they know.

Everything is right there in front of us. All it takes is a willingness to try.

The post Broadening My Horizons Through WordPress appeared first on HeroPress.

by Eric Karkovack at May 08, 2019 12:00 PM

Follow our RSS feed: 

WordPress Planet

This is an aggregation of blogs talking about WordPress from around the world. If you think your blog should be part of this site, send an email to Matt.

Official Blog

For official WordPress development news, check out the WordPress Core Blog.


Last updated:

May 21, 2019 05:15 AM
All times are UTC.