11.2.7 Post Thumbnails 398 11.2.8 Metadata API 402 11.2.9 Widgetized Sidebar Descriptions 403 11.2.10 Custom Post Types 403 11.2.11 New Theme Templates 404 11.2.12 Register Feature Support 405 11.2.13 Custom Theme Directories 406 11.2.14 Other Cool Changes in WordPress 2.9 406 12 WordPress 3.0 Update 12.1.1 Giant Leap Forward 409 12.2.1 New in WordPress 3.0 409 12.2.2 Goodbye Kubrick, Hello TwentyTen 410 12.2.3 Goodbye “admin”, Hello Custom Username 411 12.2.4 Custom Background Support 411 12.2.5 WordPress MultiSite: The Merging of WordPress with WPMU 414 12.2.6 Using Custom Taxonomies 419 12.2.7 Creating and Using Custom Menus 420 12.2.8 Custom Post Types 423 12.2.9 Shortlinks 425 12.3 Other Awesome 3.0 Features 428 12.4 Just the Beginning 429 8 Don’t make something unless it is both necessary and useful; but if it is both necessary and useful, don’t hesitate to make it beautiful. — SHAKER PHILOSOPHY 1 9 Welcome to WordPress 1.1.1 Welcome Welcome to the wonderful world of WordPress. Say that ten times fast! Sincere thanks for purchasing our book and we hope the information will be as useful to you as it already has been for us. 1.1.2 Why WordPress is Amazing There are all sorts of reasons you may have bought this book, but one of them might be because you are already a fan of working with WordPress. That’s great, because we are too, and it’s probably going to show. WordPress makes controlling the content of a website easy. It can be done by you, or you can train another person to do it, because the Admin area is as intuitive as it is powerful. WordPress gives you the keys to build sites easily with all the modern features that clients crave. And because WordPress is free, open source, and has fostered a giant community around it, you’ll always be in good hands. WordPress has changed the face of publishing content on the web, and we are all reaping the benefits. For all these reasons and more, we can safely say that WordPress is amazing. If you are buying this because your boss is making you design a site around WordPress and you are none too happy about it… Bummer. But hopefully by the end we can turn your frown upside down and bring you into the light. Plan 1. Buy Book 2. ??? 3. Profit! 10 1.1.3. How to Set up and Configure WordPress In this book you are going to learn how to set up WordPress. You’ll learn that installing WordPress is “famously” easy. Then we’ll discuss the various settings, explaining them as we go, and offering our professional opinions on why we recommend the things we do. In section 2.3.2 we discuss your choices with URL structure… In section 2.6.1 we go about choosing the perfect theme… In section 2.7.4 we go through some plugins that can be useful for any site… 1.1.4 How to Implement Advanced Functionality We are going to go through some things that you can do with WordPress that are above and beyond the standard call of duty. For example, we’ll cover how to use WordPress as a “full-blown Content Management System (CMS),” and try to dispel the myth that WordPress is just another blogging platform. We’ll explore things like using page templates and page hierarchies, dynamic tiered menus, custom fields, and even fancy stuff like shortcodes. Of course no discussion of advanced WordPress functionality can happen without discussing plugins. The flock of geniuses that is the WordPress community is responsible for an ocean of plugins that extend and advance the built-in functionality of WordPress. We will discuss quite a few of these plugins (all throughout the book), and even share the basics of writing your own. In section 5.5.1 you’ll learn about using WordPress as a full blown CMS In section 5.6.1 you’ll get a long list of plugins to check out for extending WordPress’ functionality In section 6.6.5 you’ll learn how to create custom RSS feeds of your content In section 7.4.4 you’ll see how to style comments in special ways for your authors and other members 11 1.1.5 How to Optimize and Secure WordPress Out of the box, and with a full cup of common sense, WordPress is a reasonably secure software package. But if you are up to snuff as a web designer/developer, you understand the importance of security and know that it is up to you to do everything possible to keep your site safe and secure. There are a slew of precautionary measures you can take to help with security, and we’ll show you all of them. Things like locking down sensitive files, checking file permissions, and using various manifestations of “security-through-obscurity.” While we are at it, we’ll customize our sites to streamline and optimize the efficiency of WordPress. Many of the things that can make WordPress faster are also things that can make any site faster, like reducing HTTP requests and optimizing images. But there are many WordPress-specific things you can do as well, like caching data, keeping your database optimized, and reducing the number of database queries. In section 8.2.1 you’ll learn to control potential duplicate content problems In section 9.1.5 you will learn how to secure your sensitive files In section 9.4.4 you’ll learn how to back up your database, in case of the worst Around the time of the writing of the first version of this book, a serious security bug swept through the WordPress world. Any version of WordPress prior to 2.8.4 was affected by it. The exploit was able to create an additional administrator account inside WordPress giving access to do just about anything with your site. The bug was fixed, users just needed to upgrade! WordPress’ popularity makes it a big target for bad guys. But that same popularity ensures fixes happen fast and security gets better and better. We will go through lots of security measures in Chapter 9. The big take-away here is: make sure to upgrade WordPress as soon as you can when new versions come out. It only takes a few clicks. Upgrade, Upgrade, Upgrade 12 1.1.6 How to Maintain Your WordPress Site As time goes by and your site grows and matures, there are steps to be taken to make sure your site remains happy and healthy. It should go without saying that you should keep your WordPress core up to date with the latest version, and that also means keeping your themes updated with the latest functions. As a top- notch web star, you’ll of course also want to keep an eye on your server logs, fight against 404’s and broken links, and keep up with your moderation duties. In section 8.5.4 you’ll get an intro to Google Analytics and other metrics you can monitor on your site In section 9.2.3 you’ll start to learn how you can fight against comment spam using WordPress’ built-in features In section 9.3.3 you’ll learn about a plugin to watch for broken links on your site 1.1.7 Don’t Worry We sincerely hope none of this sounds daunting or over your head, because it’s not. WordPress is easy, especially compared to its beastly competitors. 1.2.1 So, You’ve Never Heard of WordPress If this is your first shindig with WordPress, there are a few things that may not be instantly obvious. If these things are obvious, good, you’re ahead of the curve, and remember there was a time in all our lives these things were not obvious. Static vs. dynamic sites Your old Geocities page? That was a static site. Your new WordPress powered site? That is a dynamic site. Dynamic sites have content that is stored in databases and pulled out and displayed as instructed by templates. This is a powerful way to build 13 sites. It may seem complicated at first, but the flexibility offered by dynamic sites is well-worth the price. Dynamic sites are… • Better for designers - templates make it far easier to make global changes to a site. • Better for developers - having content in databases allows them to get you what you need when you need it. • Better for site managers - it puts publishing into their hands with tools meant for normal people to use. • Better for visitors - because the site you create with it will be fantastic! WordPress.org This book is about the self-hosted, download-and- install-it-yourself version of WordPress. This is the WordPress to which WordPress.org is dedicated, enabling you to download the latest version, participate in the forums, and browse the Codex (the extensive and official WordPress documentation). This is the version that is for “real” designers and developers, as it offers you absolute and total control of your site, for use on your own servers, with no usage restrictions at all. WordPress.com Perhaps introducing slight confusion, there is also a WordPress.com, which is a hosted blogging service owned by the same parent company (Automattic). Sites hosted at WordPress.com are located at URLs like “yoursite.wordpress.com” and are largely used only for blogs. There, you have less control, can’t do things like use plugins, and cannot deliver your own advertising. Of course, it’s also free, easy, and uses essentially the same Admin as self-hosted WordPress, so it’s great for your Mom; but even so, we’ll be using the real WordPress for our websites! 14 1.2.2 One Template, Many Pages If you are a web designer, you’re probably already at least a little familiar with Cascading Style Sheets (CSS). It’s such a beautiful concept. A single CSS file controls the design for lots of pages. So if one day you decide that your dark-red background color should be a little lighter red, you can make one little edit and cause a sweeping design change to your site (as opposed to opening hundreds of pages and making the change on each one). That’s what a CMS like WordPress does, only instead of abstracting design away, it abstracts the content away. With a template system like WordPress, you can make a change to the template and change the way all the pages that use that template are displayed. Perhaps you want to display the date above each Post title instead of below? No problem, just change the template. In this day and age, HTML isn’t for actual content, just structuring content. 1.2.3 Powerful, Flexible and Extensible You can witness the power and flexibility of the template system very easily, because WordPress allows you to quickly change the entire template you are using with just a few clicks. Find a new theme you like while browsing the web? You can upload it to your own site and activate it in seconds. All your content will then flow into this theme auto-magically! It’s a wonder to behold, but remember not to change your theme too often or your visitors will be lost and confused. The same things that make WordPress themes flexible also make them extensible. For example, adding new content to your sidebar is likely as easy as opening your sidebar.php and adding in the new stuff. Your theme might even be widget-ready (see section 4.9.1), meaning you can add, alter, or remove content and functionality from your sidebar (or any other widget-ready area) without looking at any code at all. Appropriate Uses CSS = Design Database = Content HTML/PHP = Get & Describe Content JavaScript = On-page Functionality Don’t Cross the Streams! 15 1.3.1 Key Components of a WordPress Site There are some things that need a bit of explaining before we get much deeper. For lack of a better term, we’ll call them “components.” Components represent the main parts of a WordPress site, including the actual files that make things go, and the database that houses all of the data. Together, these two components – the files and database – generate the web pages for your site. Once generated, there are two central types of these web pages, the Admin area that only you see, and the public pages that the whole world can see. Let’s take a closer look at each of these different components. 1.3.2 WordPress Core Files When you go to WordPress.org and download a copy of WordPress, you are downloading the WordPress core files. It’s a big folder full of files and a few subfolders full of even more files. Once you download and unzip the WordPress package, you’ll notice that most of the file and folder names begin with a “wp-” prefix. The WordPress core files are the things that make WordPress tick, the things that make WordPress a complete software package. Most of these files you’ll never touch. A few of them you’ll touch very rarely, and a certain subset of these files you’ll be in and out of all the time, especially when building a theme. 1.3.3 The WordPress Database To get WordPress installed and running, you will need to set up and configure a MySQL database. The WordPress core files don’t actually contain any of your site’s content, they merely provide the functionality required to display the content stored in the database. All of your blog posts, plugin settings, and site options are contained in the database. This can be a bit of an abstract concept, especially since the database is something 16 you may never actually see. It’s not even a “file” on your server that you could see and download (unless it’s a backup copy). It just kind of lives in the cloud that is your server, humming along and doing its thing. Despite being this elusive and abstract entity, the database is arguably the most important part of your WordPress site. All the Posts, Pages, Revisions, Comments, Users, and all of your other content and settings reside exclusively within the database. Even if you had a total server meltdown and lost everything, with a backup copy of the database you would be okay. You could reinstall WordPress, find a workable theme, and be back up and running in minutes while you worked on rebuilding the design. On the other hand, if you also lost the database, you would have lost every single bit of content on your site forever. In other words, don’t lose your database! This is what the “Dashboard” of the Admin area looks like. There is lots of functionality, information, and navigation here. Fortunately it is beautifully designed, and feels natural to use after a short learning curve. The Dashboard can also be customized. Eliminate things you don’t use through a simple dropdown and checkboxes. Then rearrange the “modules” by simple drag-and-drop. Choose your poisons. Drag and drop modules from their title bar. Database Backups For information about backing up your database, see Chapter 9.4.4 . visitors - because the site you create with it will be fantastic! WordPress. org This book is about the self-hosted, download-and- install-it-yourself version of WordPress. This is the WordPress. Other Cool Changes in WordPress 2.9 406 12 WordPress 3. 0 Update 12.1.1 Giant Leap Forward 409 12.2.1 New in WordPress 3. 0 409 12.2.2 Goodbye Kubrick, Hello TwentyTen 410 12.2 .3 Goodbye “admin”,. can monitor on your site In section 9.2 .3 you’ll start to learn how you can fight against comment spam using WordPress built-in features In section 9 .3. 3 you’ll learn about a plugin to watch