← Back

WordPress Coding Standards for PHP

0 Flares Twitter 0 Facebook 0 LinkedIn 0 0 Flares ×

WordPress Standard Practices

PHP Tags

[php]Don’t use short tags "<? ?>"
Always use full PHP tags "<?php ?>"[/php]

Always omit the closing PHP tag in files. In case you happen to have some white space after the last PHP end tag in the file, and tried to redirect in some other file which comes later on during the execution, then you would be greeted with the famous “Warning: Cannot modify header information – headers already sent” error. It can’t hurt to have some micro level performance gain when you can prevent a possible problem to even occur.

Single Quotes / Double Quotes

Always use single quotes unless you really need to use them, like using a variable inside quotes. This helps improve performance as double quotes require more processing to find variables inside them, so better not use them unnecessarily. Also this way you will never have to escape quotes in a string like when you are building HTML markup.

[php]//Correct way
$x = ‘I am a string’;
$x = "I am a $who";

//Incorrect way
$x = "I am a string";[/php]


Use tabs instead of spaces, some may argue over this, but in WordPress we prefer this (Codex says so too), and then it gives more flexibility in my opinion.

[php]// Indentation in array declaration
$array = array(
‘one’ => ‘value’,
‘two’ => ‘value’,
‘some’ => ‘value’,
‘another’ => ‘value’

// Spacing in loops
foreach ( $array as $key => $value ) {
// Do something

// Spacing in conditions and braces
if ( ! $flag ) {
} else {

// Omitting braces in single line of code for a condition
if ( $flag )

// Spacing in function declaration
function whatsup( $time, $plan ) {
// Do something

// Typecasting
$a = (int) $float;[/php]

Formatting SQL queries

Never trust user input, assume every variable to be evil. Instead of making a query directly like this:

[php]$wpdb->query( "UPDATE $wpdb->posts SET post_title = $content WHERE ID = $id" );</pre>
Make sure the variables contains the value you would expect them to, else they can have any dangerous strings inside them which can lead to successful SQL injections. Use prepare method of WPDB class like this:
<pre>$wpdb-&gt;query( $wpdb->prepare( "UPDATE $wpdb->posts SET post_title = %s WHERE ID = %d", $var, $id ) );[/php]

Always try to use WordPress functions (API) to query the database, this rewards us with future proofing.

Naming conventions

We always use lowercase names, words separated by underscore while naming functions, variables etc. And first letter uppercase when naming a class.

[php]function some_name( $some_variable ) { [...] }
class Walker_Category extends Walker { [...] }
class WP_HTTP { [...] }[/php]

In case of file names, use lowercase, words separated by hyphens.


Names should be self explanatory. Use words which convey their sense of action or working. This improves the code readability greatly.

Perfect example from Codex:

[php]// Incorrect
function eat( $what, $slowly = true ) {

eat( ‘mushrooms’ );
eat( ‘mushrooms’, true ); // what does true mean?
eat( ‘dogfood’, false ); // what does false mean? The opposite of true?
// Correct
function eat( $what, $speed = ‘slowly’ ) {

eat( ‘mushrooms’ );
eat( ‘mushrooms’, ‘slowly’ );
eat( ‘dogfood’, ‘fast’ );[/php]

Clever code is not readable! Make your code readable, clever part comes in when optimizing, where we have to focus on sections that will provide us with the max gain.

0 Flares Twitter 0 Facebook 0 LinkedIn 0 0 Flares ×