The key feature of the flexible foundation WordPress consists in skillful use of hooks. Used in themes, plugins and kernels, hooks make it possible to achieve an unprecedented expansion while maintaining compatibility with subsequent WordPress versions. From here it follows that the understanding of hooks should be a mandatory part of the "repertoire" of developers. Join us - Today we will look at the hidden sides of this simple, but at the same time a powerful system. What will be discussed: we run on the concept of hooks, their use and, of course, show examples of their use.
Concept: What is hooks and why are they used?
For any qualitatively written software lies a powerful concept that answers questions "What is?" and why?". Hooks - no exception. Speaking with simple words, a hook is a placeholder for action. When a specific event occurs, such as a recording publication, a hook is activated, allowing you to implement the appropriate reaction. In terms of developers, hooks are an example of a system managed by events.
The concept of hooks requires a more detailed explanation, rather than a simple definition of the term - we need to understand what they are useful. Hooks play in WordPress key role due to the continuous development of this system. Hundreds of developers are constantly updating the system, which means there is no possibility to edit the basic files of each plug-in, themes or a separate setting, as they will often change. Instead, a framework is required to expand the system, allowing to connect external functionality to achieve the same powerful effect, as in the case of internal manipulations. Hooks - a key feature of this framework.
How to apply hooks?
As a developer, you must understand not only what hooks do or why they are introduced, but also to know how to create them. In other words, to fully understand the system of hooks, you need to figure out how they are applied.
By analogy with a written test, a view of the answers is not always the best idea. According to many strategies for passing tests, you must first read the question, formulate your own thoughts about the answer, and then make a decision that the closest meets your rationale. Such method can be applied in the process of studying software development; Instead of looking into someone's code to understand how one or another feature is being implemented, it is often useful to first write it yourself, and then go back and explore his work. That is how we will do.
Work with the documentation
To understand how the system is implemented in practice, it is often useful to look at the documentation. Let's study the article on the two basic functions of the subpatch presented in the Code:
- add_action ($ Hook, $ Function [, $ Priority [, $ numargs]]) - Specifies the processer of the function $ function, which is called if a specific Hook $ Hook is activated as a result of an event. $ Priority Determines whether this function handler will be caused before or after other functions handlers (by default, the variable is 10). The smaller this indicator, the earlier the function will be caused. $ Numargs - the number of arguments received by the function handler (default 1).
- do_action ($ hook [, $ arg1 [, $ arg2 [, $ arg3 [, ...]]]) - activates a certain Hook $ Hook by calling all the functions with optional arguments $ arg1, $ arg2, $ arg3, etc. .
Now, when we have documentation in one hand, we can make some conclusions about these two functions. Add_action simply connects the function, priority and number of arguments with a string. It reminds the ideal task for PHP arrays, which also work as hash cards that store key-value pairs. Do_action is a more trivial function - it appeals to this array, looking for functional handlers and causes them subsequently. Holding our scheme in memory, it's time to go to the use of hooks.
Apply the knowledge gained in practice
Since we do it to get knowledge about the WordPress huk system, we do not need to apply these two functions in full compliance with the documentation. Instead, let's focus on their use without unnecessary parameters to save your time and quickly understand the essence.
Before you start, let's create an action plan:
- We will need a global array that will be available for both functions.
- aDD_ACTION Save to the array of the specified hook name and set of appropriate handlers in the form of a key-value pair.
- do_action will receive handlers of functions from an array for a given hook and will cause each of them.
The code will look like this:
$ actions \u003d array (); Function Add_action ($ Hook, $ Function) (Global $ Actions; // CREATE AN ARRAY OF FUNCTION HANDLERS IF IT DOESN "T ALREADY EXIST If (! Isset ($ Actions [$ Hook])) $ Actions [$ Hook] \u003d Array (); // APPEND THE CURRENT FUNCTION TO THE LIST OF FUNCTION HANDLERS $ ACTIONS [$ HOOK] \u003d $ FUNCTION;) Function Do_action ($ Hook) (ISSET ($ Actions [$ Hook])) ( // Call Each Function Handler Associated with This Hook Foreach ($ Actions [$ Hook] AS $ FUNCTION) Call_user_Func ($ function);))
Excellent; We have created a universal system of hooks using about 20 rows of code. Now that we have an idea of \u200b\u200bhow hooks work, let's dive into the WordPress kernel code to confirm our hypotheses.
You can quickly move along the code using different tools - such as, for example, Yoast's PHP Cross Reference of the WordPress Source.
Search by "add_action" gives the following code:
Function Add_action ($ Tag, $ function_to_add, $ priority \u003d 10, $ accepted_args \u003d 1) (Return Add_Filter ($ Tag, $ Function_TO_ADD, $ priority, $ accepted_args);) Function Add_Filter ($ Tag, $ Function_TO_ADD, $ Priority \u003d 10 , $ accepted_args \u003d 1) (Global $ WP_Filter, $ Merged_Filters; $ IDX \u003d _WP_FILTER_BUILD_UNIQUE_ID ($ Tag, $ Function_TO_ADD, $ Priority); $ WP_FILTER [$ Tag] [$ Priority] [$ iDX] \u003d Array ("FUNCTION" \u003d \u003e $ function_to_add, "accepted_args" \u003d\u003e $ accepted_args); unset ($ Merged_Filters [$ Tag]); Return True;)
add_action Causes Add_Filter, which, in turn, adds a specified function to an array associated with $ Tag hook. Despite the fact that here we also use the $ priority and $ accepted_args parameters, this feature fully meets our assumptions. Do_action will be slightly longer and more difficult:
FUNCTION DO_ACTION ($ TAG, $ arg \u003d "") (DO (FOREACH ((Array) CURRENT ($ WP_FILTER [$ TAG]) AS $ The_) if (! Is_null ($ the _ ["function"])) call_user_func_array ($ The _ ["function"], array_slice ($ args, 0, (int) $ the _ ["accepted_args"])));) While (NEXT ($ WP_FILTER [$ Tag])! \u003d\u003d FALSE);)
Cyclic passage of related functions and the challenge of each of them is not for us something strange; In fact, this is exactly what we talked about in our implementation. Therefore, the fact that we started with thoughts about the code, not only helped us better understand it, but also awakened critical thinking to solve the problem, which is very important in the development of software.
Examples
Possessing the understanding of the work of hooks, let's take a look at the other two examples. The first example is working with RSS; Instead of sending notifications through syndication, why not use email for this?
Mail notification system
To implement this system, we need to receive the recording date. However, what hook should we use for this? The description of the Action API offers a list of huts along with the events related to them, which will help us get the answer to the question above. The description of the hook Publish_Post is suitable for our requirements, because let's add the handler of the functions to it:
Add_action ("publish_post", "notify_via_email");
All we have left to do is send an email notification in the Notify_VIA_EMail function handler. Please note that the publish_post Hook sends an entry ID as an argument to our function. This will allow us to receive recording information using the Get_Post function:
Function Notify_VIA_Email ($ post_id) ($ post \u003d get_post ($ post_id); $ to \u003d " [Email Protected]"; $ subject \u003d" POST PUBLISHED ON ". Get_bloginfo (" Name "); $ message \u003d $ post-\u003e post_title." Was Published ON ". Get_bloginfo (" Name ")." AS OF ". $ post-\u003e post_date . ". You may view it at ". Get_permalink ($ post_id)." "." WP_Mail ($ To, $ Subject, $ Message);)
After receiving the record, we apply its title, date and permanent link in our mail message. It will then be sent using the WP_Mail function, which requires the address of the recipient, the subject of the letter and the message as its parameters. With all this, our system of sending postal notifications is ready. Please note that it is not recommended to call several WP_mail functions at once, since it leads to a noticeable page loading delay after the recording publication button is pressed.
Plugging Google Analytics
Our first application, let a somewhat contrived, made a brief introduction to the use of hooks. Now we will give a second example, which will be closer to real use in practice. We will create a simple Google Analytics plugin, which will automatically insert tracking code into the foothold of the page.
At first it may seem that the topic is a more suitable environment for such a code. But this is only an imaginary performance, for the subject of the site is susceptible to versions and changes. An analytics code can be easily lost when moving from one topic to another. Creating a plugin allows you to avoid this problem, since it will remain active regardless of the topic used. You do not have to make any changes in the topic every time after it is replaced.
But how to add code to the footer of the site? All the same - with the help of hooks. If you worked with WordPress themes before, you probably called the WP_Head and WP_FOOTER functions in Header and the footer of your site, respectively. Both of these functions simply activate hooks so that the plugins can easily add their code to these vital areas of the page. Therefore, we just add the action to the hook WP_FOOTER:
Add_action ("WP_FOOTER", "add_google_analytics_code");
Our ADD_GOOGLE_ANALYTICS_CODE feature, as assumes its name, prints Google Analytics:
Be sure to change the UA-XXXXX-X to your personal ID, depending on the site. As a result, everything will work. Just add the specified code to the file and download it to your folder with plugins. Make sure the plugin contains a title - for example, such:
"Do not use the Goto operator" - So told us teachers at the Academy, and indeed, this operator turns the code into a complete porridge. PHP developers solved the problem dramatically - it is simply not in PHP3 and PHP4. What were they initially guided? Maybe you wanted to instill our correct programming style? Well, we can say it quite succeeded - we are all already accustomed, that is, it's right that it was completely looked off from this operator, maybe it is for the better, because at one time I had to come up with a logical design that completely compensated for this most illicant goto..
I do not know anyone like, and I especially often have a desire to use Goto when creating an HTML handler of the form, when a variety of data is sent to the server, which PHP script should be gradually check. This process is as a rule, in several stages: Printing the form itself, check the received data, pre-show, and, for example, saving. Moreover, some steps may repeat: if the data check did not pass successfully go to the form of the form, or if the pre-show did not suit the user, it can return to the data entry. In short, some pieces of code can be used multiple times. It is also not very convenient to use functions in these conditions - a lot of input and output variables, the function should perform too complex actions, in general the coryavo is obtained and the readability of the code drops sharply.
And I came up with such a design.
do ( switch ($ Action) ( default: break; cASE "PRINT_FORM": We print the main form break; case "Check_form": Check the correctness of the data break; cASE "PREVIEW_FORM": Preview break; case "Save_Form": We save the data break; ) While (True); |
Here is the main multiple selection operator switch Enclosed in an infinite cycle do-while - Thus, we group the necessary actions in sections case: Break; And we can unlimited to move from one section to another. In the section default: it is convenient to make a preliminary data analysis for example if there is no input $ Action \u003d 'Print_Form' We print the form, if there is for example $ _Post ['submit'] then send to the processing of the received data $ Action \u003d 'Check_form'. Control between the Switch blocks occurs by changing the variable $ Action., Well, out of the cycle using break 2; or EXIT.;
For example, in the print block of the main form, you can safely put break 2; Tuzzle the form of the form involves the end of the script.
The design is very flexible and readable. But there is one disadvantage - if the data is incorrectly processed, you can get into an infinite loop and the script freezes - it is unpleasant to wait as long as 30 seconds.
Let's set the limit on the number of operator cycles do-while, 20 is enough with your head. Now if we flew something the script wounds 20 turns, stop and dropping a warning about the stop stop.
Delated this housing is very convenient - quite after the operator swith Print the $ Action variable and we get a complete sequence of block execution.
Do (// At the beginning of each cycle, print the title // Completed section is very convenient for debugging Echo $ Action. ""; SWITCH ($ Action) (default: break; Case "print_form": / * Print the main form * / break; Case "check_form": / * We check the correctness of the data * / break; Case "Preview_form": / * Previewing * / Break ; Case "Save_form": / * Save data * / break;) // END Switch) While ((($ i ++)< 20) or die("Принудительный останов цикла"));
Do ( // At the beginning of each cycle typing the name // completed section is very convenient for debugging echo $ Action. "";< / strong > Switch ($ Action) ( default: break; cASE "PRINT_FORM": we print the main form break; |
This article refers to the use of PHP _SELF variable.
What is the PHP _SELF variable?
The PHP _SELF variable returns the name and path to the current file (relative to the root of the document). You can use this variable in the Action form attribute. There are also some nuances that you need to know. Of course, we cannot bypass these nuances.
Let's look at a few examples.
Echo $ _Server ["php_self"];
1) Suppose your PHP file is located at the following address:
Http://www.yourserver.com/form-action.php.
In this case, the PHP _SELF variable will contain:
"/Form-Action.php"
2) Suppose your php file is located at this address:
Http://www.yourserver.com/dir1/form-action.php.
PHP _SELF will be:
"/dir1/form-action.php"
PHP _SELF in the Action form attribute. Why did she need it there?
Typically, the PHP _SELF variable is used in the form Tag Attribute. The Action attribute indicates the address to which the content of the form will be sent after confirmation (click the button with the Type \u003d "submit" button). As a rule, this is the same page with which the form has gone.
However, if you rename the file to which the form refers, you will need to rename the name of the file in the Action attribute, otherwise the form will not work.
The PHP _SELF variable will save you from unnecessary corrections, since the page address will be generated automatically, based on the file name.
Suppose you have a file with form-action.php form, and you want to go after confirmation to the same file. Typically write like this:
The code that is standing at the top of the HTML page will be performed first. In the first line of the code it is checked: the form is sent or not. If there is $ _post ["submit"], then the IF design is performed (true) and the name entered by the user will be displayed.
If the variable $ _post ["submit"] does not exist, then the form has not been sent and, accordingly, the IF design will not be executed (FALSE). Therefore, the username will not be displayed.
Unwanted moments associated with the PHP _SELF variable
The PHP _SELF variable is used to get the name and path to the current file - well, but it can also use hackers - bad. If your page is PHP _SELF, the user can enter the slash (/) and prescribe malicious XXS scripts.
Consider an example:
You can see yourself that the Script tag and the Alert team have been added to the code. When this page is loaded, the user will see a warning window. This is a simple example of how PHP _SELF variable can be operated.
Any JavaScript code can be added between Script tags. Hacker can also refer to the JavaScript file that will be located on another server. In this file, it will probably be a malicious code by which a hacker can change global variables and change the form to another address in order to intercept the data entered by the user.
How to avoid troubles related to PHP _SELF
Trouble can be avoided using the HTMLENTIES () function. Take a look at the form code where the HTMLENTIES () function is present.
