WordPress Coding Standards
wordpress.org.cn
Some legacy parts of the WordPress code structure for PHP markup are inconsistent in their style. WordPress is working to gradually improve this by helping users maintain a consistent style so the code can remain clean and easy to read at a glance.
Keep the following points in mind when writing code for WordPress, whether for core programming code, Plugins, or WordPress Themes. The guidelines are similar to Pear standards in many ways, but differ in some key respects.
See also this post on the wp-hackers list. There is also a page on proposed Inline Documentation standards.
PHP
Single and Double Quotes
Use single and double quotes when appropriate. If you're not evaluating anything in the string, use single quotes. You should almost never have to escape HTML quotes in a string, because you can just alternate your quoting style, like so:
pre echo 'a href=/static/link title=Yeah yeah!Link name/a'; echo a href='$link' title='$linktitle'$linkname/a; /pre
An exception to this is JavaScript, which sometimes requires double or single quotes. Text that goes into attributes should be run through ttesc_attr()/tt so that single or double quotes do not end the attribute value and invalidate the HTML and cause a security issue. See Data Validation for further details.
Indentation
Your indentation should always reflect logical structure. Use real tabs and not spaces, as this allows the most flexibility across clients.
Exception: if you have a block of code that would be more readable if things aligned, use spaces:
pre [tab]$foo = 'somevalue'; [tab]$foo2 = 'somevalue2'; [tab]$foo34 = 'somevalue3'; [tab]$foo5 = 'somevalue4'; /pre
Rule of thumb: tabs should be used at the beginning of the line and spaces should be used mid-line.
Brace Style
Braces should be used for multiline blocks:
pre if ( condition ) {
action1(); action2();
} elseif ( condition2 condition3 ) {
action3(); action4();
} else {
defaultaction();
} /pre
Furthermore, if you have a really long block, consider whether it can be broken into two or more shorter blocks or functions. If you consider such a long block unavoidable, please put a short comment at the end so people can tell at glance what that ending brace ends -- typically this is appropriate for a logic block, longer than about 35 rows, but any code that's not intuitively obvious can be commented.
Single line blocks can omit braces for brevity:
pre if ( condition )
action1();
elseif ( condition2 )
action2();
else
action3();
/pre
If any related set of blocks is more than one line long then all of the related blocks should be enclosed in braces:
pre if ( condition ) {
action1();
} elseif ( condition2 ) {
action2a(); action2b();
} /pre
Loops should always contain braces as this enhances readability, and allows for fewer line edits for debugging or additional functionality later.
pre foreach ( $items as $item ) {
process_item( $item );
} /pre
ttinclude_once/tt vs ttrequire_once/tt
Learn the difference between ttinclude_once/tt and ttrequire_once/tt, and use each as appropriate. To quote the php manual page on include(): The two constructs are identical in every way except how they handle failure. include() produces a Warning while require() results in a Fatal Error. Fatal errors stop script execution.
Regular Expressions
Perl compatible regular expressions (PCRE, ttpreg_/tt functions) should be used in preference to their POSIX counterparts. Never use the tt/e/tt switch, use ttpreg_replace_callback/tt instead.
No Shorthand PHP
Important: Never use shorthand PHP start tags. Always use full PHP tags.
Correct: pre lt;?php ... ?gt; /pre
Incorrect: pre lt;? ... ?gt; lt;?=$var?gt; /pre
Remove Trailing Spaces
Important: Make sure you remove trailing whitespace after closing PHP tags.
Space Usage
Always put spaces after commas and on both sides of logical and assignment operators.
pre x == 23 foo bar array( 1, 2, 3 ) /pre
Put spaces on both sides of the opening and closing parenthesis of ttif/tt, ttelseif/tt, ttforeach/tt, ttfor/tt and ttswitch/tt blocks.
pre foreach ( $foo as $bar ) { ... /pre
When defining a function, do it like so: pre function myfunction( $param1 = 'foo', $param2 = 'bar' ) { ... /pre
When calling a function, do it like so: pre myfunction( $param1, funcparam( $param2 ) ); /pre
Formatting SQL statements
When formatting SQL statements you may break it into several lines and indent if it is sufficiently complex to warrant it. Most statements work well as one line though. Always capitalize the SQL parts of the statement like ttUPDATE/tt or ttWHERE/tt.
Functions that update the database should expect their parameters to lack SQL slash escaping when passed. Escaping should be done as close to the time of the query as possible, preferably by using tt$wpdb-gt;prepare()/tt
tt$wpdb-gt;prepare()/tt is a method that handles escaping, quoting, and int-casting for SQL queries. It uses a subset of the ttsprintf()/tt style of formatting. Example :
pre $var = dangerous'; // raw data that may or may not need to be escaped $id = some_foo_number(); // data we expect to be an integer, but we're not certain
$wpdb-query( $wpdb-prepare( UPDATE $wpdb-posts SET post_title = %s WHERE ID = %d, $var, $id ) ); /pre
tt%s/tt is used for string placeholders and %d is used for integer placeholders. Note that they are not 'quoted'! tt$wpdb-gt;prepare()/tt will take care of escaping and quoting for us. The benefit of this is that we don't have to remember to manually use tt$wpdb-gt;escape()/tt, and also that it is easy to see at a glance whether something has been escaped or not, because it happens right when the query happens.
See Database Data Validation for more information.
Database Queries
Avoid touching the database directly. If there is a defined function that can get the data you need, use it. Database abstraction (using functions instead of queries) helps keep your code forward-compatible and, in cases where results are cached in memory, it can be many times faster. If you must touch the database, get in touch with some developers by posting a message to the wp-hackers mailing list. They may want to consider creating a function for the next WordPress version to cover the functionality you wanted.
Variables, Functions, File Names, and Operators
Use lowercase letters in variable and function names (never ttcamelCase/tt). Separate words via underscores.
pre function some_name( $some_variable ) { [...] } /pre
Files should be named descriptively using lowercase letters. Hyphens should separate words.
pre my-plugin-name.php /pre
If you don't use a variable more than once, don't create it. This includes queries. Always use the wpdb Class of functions when interacting with the database.
Ternary operators are fine, but always have them test if the statement is true, not false. Otherwise it just gets confusing.
For example: pre // (if statement is true) ? (do this) : (if false, do this); $musictype = ( 'jazz' == $music ) ? 'cool' : 'blah'; /pre
Another important point in the above example, when doing logical comparisons always put the variable on the right side, like above. If you forget an equal sign it'll throw a parse error instead of just evaluating true and executing the statement. It really takes no extra time to do, so if this saves one bug it's worth it.
ttelse if/tt or ttelseif/tt
Both notations are used in conjunction with curly brackets, there is no rule which to prefer. ttelseif/tt can save you some hassles sometimes.
Self-Explanatory Flag Values for Function Arguments
Prefer string values to just tttrue/tt and ttfalse/tt when calling functions.
pre // Incorrect function eat( $what, $slowly = true ) { ... } eat( 'mushrooms' ); eat( 'mushrooms', true ); // what does true mean? eat( 'dogfood', false ); // what does false mean? The opposite of true? /pre
Since PHP doesn't support named arguments, the values of the flags are meaningless and each time we come across a function call like these above we have to search for the function definition. The code can be made more readable by using descriptive string values, instead of booleans.
pre // Correct function eat( $what, $speed = 'slowly' ) { ... } eat( 'mushrooms' ); eat( 'mushrooms', 'slowly' ); eat( 'dogfood', 'fast' ); /pre
HTML
Validation
All HTML pages should be verified against the W3C validator to ensure that the markup is well formed. This in and of itself is not directly indicative of good code, but it helps to weed out problems that are able to be tested via automation. It is no substitute for manual code review. (For other validators see HTML Validation.)
Self-closing Elements
All tags must be properly closed. For tags that can wrap nodes such as text or other elements, termination is a trivial enough task. For tags that are self-closing, the forward slash should have exactly one space preceding it ttnowikibr //nowiki/tt vs. the compact but incorrect ttnowikibr//nowiki/tt. The W3C specifies that a single space should precede the self-closing slash (source).
Attributes and Tags
All tags and attributes must be written in lowercase. Additionally, attribute values should be lowercase when the purpose of the text therein is only to be interpreted by machines. For instances in which the data needs to be human readable, proper title capitalization should be followed, such as:
For machines: premeta http-equiv=content-type content=text/html; charset=utf-8 //pre
For humans: prea href=http://example.com/ title=Description Goes HereExample.com/a/pre
Quotes
According to the W3C, all attributes must have a value, and must use double-quotes (source). The following are examples of proper and improper usage of quotes and attribute/value pairs.
Correct: preinput type=text name=email disabled=disabled //pre
Incorrect: preinput type=text name=email disabled/pre
Indentation
As with PHP, HTML indentation should always reflect logical structure. Use tabs and not spaces.
When mixing PHP and HTML together, indent PHP blocks to match the surrounding HTML code. Closing PHP blocks should match the same indentation level as the opening block.
Correct: pre ?php if ( ! have_posts() ) : ?
div id=post-1 class=post
h1 class=entry-titleNot Found/h1
div class=entry-content
pApologies, but no results were found./p
?php get_search_form(); ?
/div
/div
?php endif; ? /pre
Incorrect: pre
?php if ( ! have_posts() ) : ?
div id=post-0 class=post error404 not-found
h1 class=entry-titleNot Found/h1
div class=entry-content
pApologies, but no results were found./p
?php get_search_form(); ?
/div
/div
?php endif; ? /pre
CSS
- See CSS Coding Standards.
Inspiration and Credits
- PHP standards: Pear standards
- HTML code standards adapted from Fellowship Tech Code Standards (CC license).
