On maintaining a WordPress plugin for 11 years

Eleven years in and I find myself in a curious surge of development on Redirection.

Let me prefix this with the statement that Redirection is old. I mean, you got that from the title right – 11 years. It’s quite a while. But more specifically I mean that it’s old code. It’s been around since WordPress 1.5 and PHP 4, and a lot of the code and reasons for the code, are based on things that have long since passed.

When I started the plugin it was to cover up some of the mistakes I made as a novice blogger. I released updates without a thought to who was using it. People offered suggestions for new features and I’d include those, also without a thought – why not, it’s all good.

Development of WordPress started increasing in pace. I found myself playing catchup just to keep the plugin working. A lot of code became redundant and technical debt started accumulating. At one point I think the plugin worked on WordPress from versions 1.5 through to 4. Now I only check the last three versions.

Then I became aware that a lot of people were using the plugin. Some 600k active installations, according to the stats. This made me horribly aware that small changes affect a lot of people. Big changes become hard, and I become reluctant to do anything.

And people. They sometimes get angry. In the early days of WordPress people were more forgiving. Maybe I was younger and didn’t notice.

Then I’m referred to as a team. Don’t I have support staff? Maybe I’m a company. Your support sucks, by the way. All of a sudden plugins are commercial enterprises with lots of money being exchanged and I’m trying to squeeze spare time in between work and family.

Some people sent donations. Some people sent $0.01. I was never sure if that was an insult or a misunderstanding.

I had a kid. That really eats into your time. Someone hacked my server via a WordPress vulnerability that I hadn’t updated while my daughter was being born. Nice.

For a long while not much happened with the plugin. I got some grey hair. The world went forward, then backwards. People complained. People suggested it had been abandoned. (Dodgy) people offered money to ‘buy’ it.

Gradually, though, I started trying to modernise it. Unit tests were introduced. Old features were phased out and I focussed on the things people were having problems with. The technical debt was slimmed down.

Recently I started replacing the UI with React. This started with a single page, then another, and soon it will be everything. I’m able to do things better and much faster, and all of a sudden inspiration is back.

Now I find myself compiling JavaScript. When the plugin started this would have been a horrible joke and yet the plugin is now full of build scripts and compilation steps. It’s the 90s returned. And you know what? I’m enjoying it again.

Eleven years. Huh.

HTTPie as a cURL replacement

I’ve been giving HTTPie a try recently. It’s a command line HTTP client that aims to be simpler to use than cURL while providing a richer experience.

As an example, if you’re developing against a REST API it’s useful to send requests:

curl https://public-api.wordpress.com/rest/v1/sites/3584907/

curl-example

http https://public-api.wordpress.com/rest/v1/sites/3584907/

http_example

Now you can see what is happening! (although, it seems, I need a better terminal colour scheme)

You can certainly use tools such as jq to prettify cURL (or in the case of the WordPress.com API, pass ?pretty=1), but it’s built-in with HTTPie.

If it’s specifically JSON you want to see then you can use a Chrome extension such as JSONView may be easier still.

Although the above example is very simplistic, when you start digging into an API with HTTP verbs and authentication headers, HTTPie’s syntax is easier and less obscure than cURL.

How do you get this tool? Using brew you can just:

brew install httpie

WordPress-ish JavaScript Code Standard – ESlint Config

I’m spending a lot of time with JavaScript these day, and find linting tools to be invaluable for spotting some mistakes. I started off with JShint plugged in to Sublime Text via this JSHint plugin.

More recently I’ve switched to ESlint. It seems to identify more issues and formatting problems than before, is easy to configure, and is also extensible.

I’m gradually tweaking an ESlint configuration file that somewhat matches the WordPress coding standards (with some of my own amendments), and thought I’d release it here:

It’s not perfect yet by any means, so make of it what you can. Hopefully it will improve with time.

Redirection on Github

Redirection is now being developed on Github. I’ve been running it there for a few months now and have already received several pull requests and fixes. It’s a good place for other people to contribute.

It’s also the best place to report any bugs or feature suggestions (anything sent to me by email tends to disappear into a black hole, and patrolling the WordPress.org forums is very time-consuming).

If you’d like to run with the latest version of the plugin then please do use the Github repo as the canonical ‘trunk’ version. The more people that do this, the less likely I am to release something that breaks sites.

I’ve yet to put a working git-to-SVN system together so I’ll manually sync things over to the WordPress.org SVN repository when ready for release.

That all-important link:

https://github.com/johngodley/redirection

I look forward to seeing how it develops!

Redirection – seven years old

Many people have contacted me to say that Redirection is broken with the latest versions of WordPress, outputting this message:

PHP Warning: Missing argument 2 for wpdb::prepare()

I’ve known about this for a long while, it’s a very easy fix, and in fact it’s been fixed for a long while – Redirection 2.3.2 has been available in SVN for many months. However, it was accompanied by some other structural changes in the plugin that may have actually, for real, broken things and so I’ve held off releasing it as a general update.

In the intervening time I’ve had my hands busy with other things, but have finally finished the release for public consumption, and the message is no more. Hurrah!

All this to say that if you nag me long enough I’ll eventually remember to do something.

For the pedants like me, it wasn’t actually broken – it’s a warning – and if you were seeing this on a production website then I’d very much advise disabling error messages.

While writing this release post I noticed that the plugin is over seven years old. Seven!

Sequel Pro Tips: table filters and auto-suggest

Sequel Pro is great, and there are a few tricks to make it even greater. If you have a database with a lot of tables then the table filter field is useful:

A neat tip is that you can use the pipe character as a logical OR operator, so you can show tables that match several conditions. Below is post|comment – tables that match post or comment:

Very handy if you have to swap between tables that are lost in a big list. You can chain together many filters in this way.

Another nice feature is the SQL auto-suggest. From the query tab, press escape as you are typing out a table or column name:

A box appears with matching suggestions. You can use cursor up/down to move between suggestions, and enter to select.

Finding bad and out-of-date passwords in 1password

I use 1password to keep track of all my passwords. Over the years I’ve built up a lot of logins and a lot of passwords, and for various reasons some of them are not so good.

With the recent news about LinkedIn and Last.fm password leaks, it’s worth keeping an eye on your passwords. 1password has a nice feature called smart folders. You can use these to quickly find susceptible passwords.

Click the cog button in the bottom left of the 1password screen and pick ‘New Smart Folder‘:

At the top of the data area, configure a set of rules to be ‘kind is login‘ and ‘password strength is less than or equal to 60‘ (you can change the minimum password strength to suit).

Save the folder and it appears in the folders section on the left on the 1password window. Clicking on this folder will show all your bad passwords. Time to get updating!

You can also create a smart folder that shows passwords that you haven’t updated in over a year by setting the smart rule to ‘modified before date’.