Believe it or not, I’ve never released a plugin that I’ve written essentially from scratch. Just little forks here and there.
Even though I’m a very confident and experienced theme developer, plugin development is something I just don’t feel comfortable with at this time.
I’m hoping more experienced plugin developers can take a look at my code and critique it.
To be clear, this isn’t a “how do I promote my plugin” topic because I don’t care if this plugin gets popular at all. It’s a “would you do something differently and if so, why” topic.
Story behind the plugin
I have a “client” that uses very long Gravity Forms. As such, Save and Continue is a very useful feature for users of the form, who often complete part of the form, save it, and revisit it later to finish it off.
For those not familiar with Gravity Forms, once the user hits “Save and Continue” they are given a URL like this:
Along with a prompt to input their email address so they can email that URL to themselves. Once that URL is visited again, the form can be seen again just as they left it, ready to be worked on some more.
However, for whatever reason, users occasionally misplace the link, and request support from the client in order to recover it so all their form progress doesn’t seem lost (even though it’s still safely stored in the database).
On the backend, the incomplete entries are saved in the database, but there is no way to view them in the WordPress admin interface. You need to go into the database and find the token.
For most web developers, this isn’t a huge problem. Just hop on over to phpMyAdmin, go to the
wp_rg_incomplete_submissions (may vary depending on multisite and/or custom prefix) table and search for it. However, without going into too much detail, this particular client has strict security rules, and many hoops have to be jumped through before a database search can be performed.
This plugin provides a rudimentary interface in the WordPress backend to access any incomplete entries, so regular WordPress site admins (and not database admins) have a way of recovering these tokens.
It basically just reads from the database table where these incomplete entries are stored, and outputs that information on an admin page.
I released the plugin on GitHub: Access Incomplete Entries for Gravity Forms
Some things I’ve taken care of already:
- Exit if the file is accessed directly
- Make sure only those with the
manage_optionscapability can access the page
- Make sure the correct database prefix is used, ensuring this still works on multisite or a custom database prefix is used
- Escaped all output from the database. Since I’m not writing to the database, I figure that’s all I’d need to worry about in terms of escaping/sanitizing?
Some specific questions I was wondering about:
Since this plugin is useless without Gravity Forms, should I add some sort of conditional to make sure Gravity Forms is active before running any code?
At the moment, this plugin page is listed under the “Tools” menu. Would it make more sense under “Forms” (where the rest of the Gravity Forms stuff is)?
<table border="1" cellpadding="10">part makes me barf. Are there any WordPress admin classes I can take advantage of for basic table styling? Although I could, I’d rather not add CSS just for something as simple as table styling.
Would OOP code be a better choice here? Or for a plugin this simple, would it not matter much?
I plan on eventually submitting this to WP.org, and want to make sure this plugin is translation-friendly. I know “language packs” were recently introduced. Is there anything I need to do to add translation-friendliness, other than make the strings translatable? Should I generate a .pot file as well?
Any other feedback (not limited to the above questions) would also be much appreciated. Thanks!