Chapter 4: Plugin Development
Chapter 4 of 15
Chapter 4: Plugin Development
4.1 Plugin Structure
Create well-structured WordPress plugins.
<?php
/**
* Plugin Name: My Custom Plugin
* Plugin URI: https://example.com/plugin
* Description: Custom plugin description
* Version: 1.0.0
* Author: Your Name
*/
// Prevent direct access
if (!defined('ABSPATH')) {
exit;
}
// Plugin code here
?>4.2 Plugin Activation and Deactivation
Handle plugin activation and deactivation hooks.
// Activation hook
register_activation_hook(__FILE__, 'my_plugin_activate');
function my_plugin_activate() {
// Create database tables
// Set default options
// Flush rewrite rules
}
// Deactivation hook
register_deactivation_hook(__FILE__, 'my_plugin_deactivate');
function my_plugin_deactivate() {
// Clean up temporary data
// Flush rewrite rules
}4.3 Plugin Settings Page
Create admin settings pages for plugins.
// Add settings menu
add_action('admin_menu', 'my_plugin_settings_menu');
function my_plugin_settings_menu() {
add_options_page(
'My Plugin Settings',
'My Plugin',
'manage_options',
'my-plugin-settings',
'my_plugin_settings_page'
);
}
function my_plugin_settings_page() {
// Settings page HTML
}4.4 Plugin Security Best Practices
Secure your plugins from vulnerabilities.
- Sanitize Input: Use sanitize_text_field, sanitize_email
- Validate Data: Check data before using
- Escape Output: Use esc_html, esc_attr, esc_url
- Nonces: Verify form submissions
- Capabilities: Check user permissions
4.5 Plugin Internationalization
Make plugins translatable.
// Load text domain
load_plugin_textdomain('my-plugin', false, dirname(plugin_basename(__FILE__)) . '/languages');
// Use translation functions
__('Text to translate', 'my-plugin');
_e('Text to echo', 'my-plugin');
esc_html__('Text to escape', 'my-plugin');