Notes from WordCamp Lancaster sessions
Usability Testing – Anthony D Paul
- Usability tests are conducted to test the usability of our code/site, not the user's ability. It is our fault, not theirs.
- Validate client assumptions
- User focus is best practice
- Inform your design decisions (to debate)
- Show success over time
- Grow as a practitioner (ex: hamburger icon)
Strategy:
- Project constraints + priorities = benefit
Constraints:
- What is the test budget
- How many tests can we run?
- Who’s in charge of recruitment?
- Do we have demographic requirements?
- Are participants local?
Testing Options:
- Moderated vs unmoderated
- In-person vs remote
- Desktop vs mobile
Tools:
Understanding Security Holes – George Stephanis
- For SQL Injection protection – don’t accept random strings. Be specific. Validate the user input.
- Sanitize early – understand your content. Use PHP functions, WP functions, a custom function or a regex.
- Escape late – when you output, the data may need to be escaped differently depending on what it is going into. Understand the context of how the data is used.
- Focus on the users when you get an error message. Reply to the user ASAP acknowledging that you are looking into it.
- Once you think you have fixed the issue, confirm with the reporter that it is fixed for them as well.
- Email security@wordpress.org before shipping an update.
- PHP Code Sniffer can catch some insecure code – but automated tools often lead to a false sense of confidence.
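The "be specific", "sanitize early" and "escape late" points above, shown as an added example in plain PHP (not code from the session). The table, the request values and the JavaScript function name track are constructed for illustration.

```php
<?php
// Constructed sample data: an in-memory SQLite table standing in for a posts table.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE posts (id INTEGER PRIMARY KEY, author_id INTEGER, title TEXT, link TEXT)');
$db->exec("INSERT INTO posts (author_id, title, link) VALUES
    (7, 'Hello <b>world</b>', 'https://example.test/?a=1&b=2'),
    (7, 'Quote \" test', 'javascript:alert(1)')");

// Constructed request input, as it might arrive in \$_GET.
$request = ['author' => '7', 'orderby' => 'title; DROP TABLE posts'];

// Sanitize early: be specific about what each field may contain.
function clean_author_id(array $in): ?int {
    $id = filter_var($in['author'] ?? null, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    return $id === false ? null : $id;
}

function clean_orderby(array $in): string {
    // Column names cannot be bound as parameters, so map input onto an allow-list.
    $col = $in['orderby'] ?? 'id';
    return in_array($col, ['id', 'title'], true) ? $col : 'id';
}

function find_posts(PDO $db, int $authorId, string $orderby): array {
    // The value is bound; $orderby can only be one of the allow-listed literals.
    $stmt = $db->prepare("SELECT id, title, link FROM posts WHERE author_id = :a ORDER BY $orderby");
    $stmt->execute([':a' => $authorId]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Escape late: the same stored value is escaped differently per output context.
function render_post(array $p): string {
    $url  = preg_match('#^https?://#i', $p['link']) ? $p['link'] : '#';      // URL: allow http(s) only
    $html = htmlspecialchars($p['title'], ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8'); // HTML body and attribute
    $href = htmlspecialchars($url, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');        // attribute value
    $js   = json_encode($p['title'], JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT); // inline script
    return "<a href=\"$href\" title=\"$html\">$html</a><script>track($js);</script>\n";
}

$author = clean_author_id($request);
if ($author === null) { http_response_code(400); exit("Invalid author\n"); }
foreach (find_posts($db, $author, clean_orderby($request)) as $post) {
    echo render_post($post);
}
```

In WordPress code the same roles are played by absint(), $wpdb->prepare(), esc_html(), esc_attr(), esc_url() and wp_json_encode().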
Searching for a better WordPress Search – Russell Heimlich
- WordPress search is notoriously slow, has no options or customizations, and returns irrelevant results
- WP is not a search engine. Default search is always going to be basic.
- WP searches are sorted by relevancy since 3.7
- Priority in search results: Full sentence matches in post titles, all search terms in post titles, then any terms in post title, then sorted by date
- Plugins: Relevanssi (search custom post types, taxonomies, fields, and options!), Google CSE (uses Google for the processing, integrates with your theme, index built through crawling, but also pay per number of searches), Russ’s Search Plugin (redirects to Google) and ElasticPress by 10UP.com