• Englisch
  • Deutsch


Excel needs to know that you are using non-ASCII characters in your CSV or it will not display them correctly :)

Add the BOM(Byte Order Mark) to the first line, notifying Excel that you are offering a UTF-8 encoded file.

Enjoy coding …


I am currently working on a WPLMS enhancement for a customer, that allows to simplify the payout of instructor commissions. The whole system runs on the MyCred Points System and students pay for courses with Points. The problem is how to easily payout the instructor commissions via PayPal.

There is currently no addon for MyCred available that does that magic, so I build one myself.

At the moment the payment process via PayPal is completely manual, due to budget constraints. I am basically generating a custom „Send Money“ link that prefills the PayPal email and amount to send.

The interface itself handles the payout sessions, tracks the instructor balance, paid and unpaid points.

Here some images to illustrate the admin dashboard:


This list the instructors and their point balance and allows to start the payment process.


Payout sessions make sure, that only one session can be started per instructor, as the instructor could earn new points during the process. The points converted can be changed, allowing you to payout a fixed amount of points.

Its a 3 step process. Login at PayPal. Open the „Send money“ dialog and send money to instructor. Confirm that you manually send the money and than register the payment and payout points in the system.


The session can be cancelled at any point. You can also leave the session open and continue at a later point.


On the frontend I added an interface to the BuddyPress Profile, that allows the instructor to track his payouts and balance.


The whole setup could be updated using PayPal Adaptive Payments, to make the whole process completely automated. Something to consider for the future :) Pretty happy with the manual process so far and it will be a great help for my customer to keep track of the commission payouts.

The whole setup is currently targeted for WPLMS, but can easily be adapted to other setups using the MyCred Points System.

Enjoy coding …



20. Oktober 2015

WordPress Plugins & Sessions



Now go ahead and use $_SESSION freely in your plugin. Here a nice additional class to  encrypt session data.

Enjoy coding ….


HyperDB is a plugin for spreading your websites load across several servers and databases. Its currently used in production on WordPress.com.

  1. Partitioning, separate your data and spread it across multiple servers.
  2. Replication, master / slave setup for security.
  3. Failover, if one database fails, the other takes over.

Just started experimenting with it :)



Since version 5.6PHP is verifying peer certificates and host names by default when using SSL/TLS. This is causing problems on some servers / websites, where the config has not been setup correctly. If you can not fix the setup yourself, make sure to talk to your server host to fix that issue.

For PHPMailer (Github) there is a workaround:

This should only be a workaround until your configuration has been fixed. You are suppressing certificate verification and compromising your security!

As WordPress is using PHPMailer as its main email library, this can be tweaked by using the phpmailer_init hook:

Add this to your themes functions.php.


And here is how phpmailer->smtpOptions should be used,  on a properly configured server:

SSL changes in PHP 5.6: http://php.net/manual/en/migration56.openssl.php
SSL context options in PHP: http://php.net/manual/en/context.ssl.php

Enjoy coding…


Chrome 45+ is glitching on  WordPress admin menus.

Github Plugin version


Twital is a small addon for the Twig template engine, it adds shortcuts and makes Twig’s syntax more suitable for HTML based (XML, HTML5, XHTML, SGML) templates.

Should be also no problem to integrate it with Timber, currently looking into that ;)



„Powerful database abstraction layer with many features for database schema introspection, schema management and PDO abstraction.“

The following will get you started, these offer the Doctrine\Common and Doctrine\DBAL namespaces.

  1. Doctrine DBAL
  2. Doctrine Common


In the end your structure should look something like that:


The following will add a class loader, so that all the other classes will be autoloaded.


This will setup your first connection to a MySQL database.


This will do a simple first query


DBAL gives us some nice options to prepare queries.

By using the bindValue the placeholder „?“ is replaced. You can also use named parameters :)

More about this in the official documentation.

That was not too difficult ;)

Enjoy coding …


TWIG allows you to use regular expressions within its templates, this makes it possible to easily check if a post is sticky in Timber for WordPress.


Comparisons in TWIG


This is the template that is called within the loop on the index.twig to show each post.

The post.class holds the full set of classes assigned to a post, which includes the class „sticky“. We do the match magic and you can use that to style your sticky posts differently ;)


„Timber helps you create fully-customized WordPress themes faster with more sustainable code. With Timber, you write your HTML using the Twig Template Engine separate from your PHP files.

This cleans-up your theme code so, for example, your php file can focus on being the data/logic, while your twig file can focus 100% on the HTML and display.“


Twig is a modern template engine for PHP

  • Fast: Twig compiles templates down to plain optimized PHP code. The overhead compared to regular PHP code was reduced to the very minimum.
  • Secure: Twig has a sandbox mode to evaluate untrusted template code. This allows Twig to be used as a template language for applications where users may modify the template design.
  • Flexible: Twig is powered by a flexible lexer and parser. This allows the developer to define its own custom tags and filters, and create its own DSL.

Enjoy coding …


When building plugins or addons, sometimes we need to save custom files within WordPress.

These can be custom JavaScript or CSS files that a user edited and are loaded to override core functionality.

In most cases inline styles and scripts are an option, but not always the most elegant way. Everyone has to decide that for themselves. (wp_add_inline_style) Not talking about performance between inline and external files here :)

Another option is the wp_head action:


Many ask where can or should I save files created within a plugin.

  1. In the plugin folder ? Bad idea,  as that folder will be deleted on each upgrade of the plugin.
  2. In a separate plugin, just for those extra files. That is an option, but many webmasters prevent writing to any other folder than the upload folder. Also adding a blank plugin to just add upload folders is not really optimal.
  3. In the upload folder itself. Just like the name says, its the main folder to upload files to!


When dealing with file creation and uploads, security is always important. That relates to any other platform doing similar operations. A folder created within a plugin directory is not less or more secure than a folder created in the upload directory.

Its important to have the correct file and folder permissions set:

  1. Files should have permissions not higher than 664 (start at 644)
  2. Directories should have permissions not higher than 755 (start at 744) Try what works. The lower the more secure :)

There is a detailed article about permissions over at WordPress as well.

When it comes to creating files in PHP the term cross-site-scripting often comes up. When the system creates a file it is owned by the webserver and on a shared hosting account those files could be altered by another user on the same webserver. This could allow them to inject malicious code and compromise your sever.

That is why the WP_Filesystem was created, to make things more secure and make sure that the owner of files is correct.


WordPress provides a nice clean interface to create folders and save files to the upload folder. Here a simple example from one of my current projects.

Prepare the filesystem

Get upload dir information and prepare directory to save to

Check if file exists, create folder, delete similar and save.
In my case I am adding a custom key and the page id to the file.

If the direct way is not possible, you can also use or force the FTP approach

This will check for the ftp credentials and request them with a form if needed.

This is just a very rough outline of how to do it, but should get you started.

Enjoy coding …