[theme-reviewers] Custom Theme Widgets: Treat as Theme Settings

Edward Caissie edward.caissie at gmail.com
Fri Apr 29 19:41:51 UTC 2011 

Great points, Justin -

Good reminders for those familiar with writing "current" plugins; and very
valuable for those that are not writing them, yet. (*grin*)


Cais.

On Sat, Apr 30, 2011 at 12:51 PM, Justin Tadlock
<justin at justintadlock.com>wrote:

>  Yes, everyone should definitely be doing this.  I have a few notes for
> this too.
>
> ------
>
> Widgets should be registered using the register_widget() function like so:
>
> register_widget( 'Theme_Widget_Class_Name' );
>
> ------
>
> Widgets should be coded by extending the WP_Widget class.  So, the first
> line of the widget code should be something like:
>
> class Theme_Widget_Class_Name extends WP_Widget {
>
> ------
>
> For validating/sanitizing on input, you should look in the "update()"
> method, which would begin like so:
>
> function update( $new_instance, $old_instance ) {
>
> ------
>
> For escaping on output, you should look in the "form()" method, which would
> begin like so:
>
> function form( $instance ) {
>
> ------
>
> You should also make sure that "$before_widget" and "$after_widget" are
> used for outputting the sidebar's HTML within the "widget()" method.  And,
> make sure widget titles look something like this on display:
>
> if ( !empty( $instance['title'] ) )
>             echo $before_title . apply_filters( 'widget_title',
> $instance['title'], $instance, $this->id_base ) . $after_title;
>
>
>
> On 4/29/2011 11:12 AM, Chip Bennett wrote:
>
> Good morning, Reviewers!
>
>  Just a quick note: when reviewing Themes that include custom Widgets,
> treat such Widgets as if they are Theme Settings. That is, primarily, ensure
> that any user input is properly validated/sanitized on input, and escaped
> upon output.
>
>  This is something that most of us (including me) may not have been
> explicitly looking at...
>
>  Chip
>
>
> _______________________________________________
> theme-reviewers mailing listtheme-reviewers at lists.wordpress.orghttp://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
> _______________________________________________
> theme-reviewers mailing list
> theme-reviewers at lists.wordpress.org
> http://lists.wordpress.org/mailman/listinfo/theme-reviewers
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.wordpress.org/pipermail/theme-reviewers/attachments/20110429/be39b81f/attachment.htm>

More information about the theme-reviewers mailing list