Daryll Doyle WordPress Development and Consultancy in Cornwall


CORS with the WP REST API and IE11


A bit of a background, I’ve recently been working on a reasonably large, headless, multilingual WordPress build. The frontend and the backend needed to be hosted on separate domains, so we decided to build this site using the following technologies: Backend: WordPress via the REST API JWT Authentication for the API WPML for i18n ACF Pro for custom fields. Frontend: React Redux i18next All...

How to properly include inline SVGs in a WordPress theme


SVGs are used all the time in WordPress themes and for a good reason, they are scalable, small in size and if we include them inline we can change colours etc without needing another image. There is one thing that bugs me when I see this though, especially with user uploaded SVGs; the way they’re included in the theme. There are 3 real ways that I’ve seen it done: Using...

Merging ACF Field Group Tabs


Advanced Custom Fields is great but sometimes, especially when re-using field groups across templates, the admin area can get a little overwhelming. Tabs help but not when you’re using multiple field groups. To get around this I used to use this plugin for merging ACF tabs. It worked very well but hasn’t been updated in around 2 years and therefore doesn’t work at all on the new...

Background Image Resizing in WordPress


Since the media changes in WordPress 4.5 there have been a number of reports of upload issues, such as uploads timing out, as mentioned in this trac ticket. The reason behind this is very possibly due to the changes in the ImageMagick class. Whilst images are now handled better than before, it’s also added slightly more overhead to the code that resizes images. Now for a standard WordPress...

Integrating WordPress into Laravel


The Problem Recently whilst working on an outsourced project at We Are DWM we had a Laravel app and a WordPress site running side by side. The client had wanted the same design across both “sites” and for it to appear as seamless as possible. This really gave us two options: Maintain two separate sets of CSS and templates, one for WordPress and another for Laravel, or Find a way to...

How to allow SVG uploads in WordPress


Don’t. Nope, stop. You developers/bloggers who keep passing the below code around as a valid way of allowing SVG uploads in WordPress are killing me inside. Yes, this will allow you to upload SVGs in WordPress, it will also allow someone to upload an XML Bomb or an SVG with an XXE attack or god forbid a lovely XSS attack. You see, too many developers are allowing SVG uploads without...

Why I hate the WordPress signup page


I’ve been working with WordPress multisite a lot recently and whilst all in all it’s not too bad, there is one thing that really pisses me off about it, wp-signup.php. No matter how many times I try and get my head round the contents of this file, I still struggle. It just seems like this file is a complete cluster-fuck of functions, html and css. On top of that, I feel there are...

PHP South Coast 2015


I attended my first ever PHP conference yesterday, PHP South Coast. I must say, I had a great time, not only were people very welcoming, but the talks were also extremely good. The talks I attended are as follows: Keynote: Cal Evans Parallel PHP: Joe Watkins The Art of Programming: Erika Heidi Teaming up Backbone.js and the new WordPress API: Jeroen van Dijk API Pain Points: Phil Sturgeon...

Sanitize SVGs in WordPress


So my plugin Safe SVG has just been accepted into the WordPress plugin directory. Whilst mainly a proof of concept, I’m hoping that this plugin will help convince the core team that SVGs, with the right sanitization should become part of core. My major argument for allowing SVGs in core with sanitization is that there are currently 128 other SVG upload plugins in the plugin directory...

Safe SVG for WordPress


After a lot of testing of svg-sanitizer I’ve finally decided to make a WordPress plugin for it. This is more of a PoC to show that it can be done.
Once installed, the plugin will hook into the uploads and automatically sanitize any SVGs that you upload.
I’ll update this post when it’s on the WordPress directory but for now, here’s the download:
Click here to download

Daryll Doyle WordPress Development and Consultancy in Cornwall