Daryll Doyle

WordPress Development and Consultancy in Cornwall

Latest stories

How to allow SVG uploads in WordPress

H

Don’t. Nope, stop. You developers/bloggers who keep passing the below code around as a valid way of allowing SVG uploads in WordPress are killing me inside. Yes, this will allow you to upload SVGs in WordPress, it will also allow someone to upload an XML Bomb or an SVG with an XXE attack or god forbid a lovely XSS attack. You see, too many developers are allowing SVG uploads without...

Why I hate the WordPress signup page

W

I’ve been working with WordPress multisite a lot recently and whilst all in all it’s not too bad, there is one thing that really pisses me off about it, wp-signup.php. No matter how many times I try and get my head round the contents of this file, I still struggle. It just seems like this file is a complete cluster-fuck of functions, html and css. On top of that, I feel there are...

PHP South Coast 2015

P

I attended my first ever PHP conference yesterday, PHP South Coast. I must say, I had a great time, not only were people very welcoming, but the talks were also extremely good. The talks I attended are as follows: Keynote: Cal Evans Parallel PHP: Joe Watkins The Art of Programming: Erika Heidi Teaming up Backbone.js and the new WordPress API: Jeroen van Dijk API Pain Points: Phil Sturgeon...

Sanitize SVGs in WordPress

S

So my plugin Safe SVG has just been accepted into the WordPress plugin directory. Whilst mainly a proof of concept, I’m hoping that this plugin will help convince the core team that SVGs, with the right sanitization should become part of core. My major argument for allowing SVGs in core with sanitization is that there are currently 128 other SVG upload plugins in the plugin directory...

Safe SVG for WordPress

S

After a lot of testing of svg-sanitizer I’ve finally decided to make a WordPress plugin for it. This is more of a PoC to show that it can be done.
Once installed, the plugin will hook into the uploads and automatically sanitize any SVGs that you upload.
I’ll update this post when it’s on the WordPress directory but for now, here’s the download:
Click here to download

SVG Sanitization

S

A couple of days ago I was browsing through the WordPress core Trac looking for something to get involved in and stumbled upon the following issue:  The lack of ability to upload SVGs into WordPress has always been a slight annoyance to me so I decided to see what I could do about it. After reading through the thread, I realised that what PHP was really missing, was a decent SVG sanitizer. I read...

So I’ve just updated my…

S

So I’ve just updated my blog to use the new p2-breathe theme and the O2 plugin by Automattic and I must say, I like it.
I’m hoping it’ll encourage me to blog some more, but I’m sure we’ll see!
Edit: It’s very nice when you post!

WordPress InnoDB Issues

W

I’ve been working with a lot of WordPress plugins recently and have come across a bug that had me stumped for a while, therefore, I thought it’d be worth sharing it here. After installing and activating a plugin that created new database tables, I realised that the tables had not been installed. I contacted the plugin support who suggested re-installing WordPress. Reluctantly I did...

PSR-4 Autoloading in WordPress

P

Recently I’ve been tasked with integrating a few API’s into WordPress sites. Whilst this doesn’t seem too hard, I found it hard to find solid documentation on the best practices in this scenario. In this post I will explain how I decided to go about these integrations, focussing mainly on my class loading inside WordPress. Why Autoload? Themes in WordPress all seem to be very...

Daryll Doyle WordPress Development and Consultancy in Cornwall