--- title: "WordCamp Lancaster" date: 2016-03-05 author: "Courtney Robertson" featured_image: "https://courtneyr.dev/wp-content/uploads/2016/03/img_8695.avif" categories: - name: "WordPress" url: "/category/wptips.md" tags: - name: "wclanc" url: "/tag/wclanc.md" - name: "WordCamp" url: "/tag/wordcamp.md" --- # WordCamp Lancaster Notes from WordCamp Lancaster sessions ## Usability Testing – [Anthony D Paul](http://www.stickielab.com) - Usability tests are conducted to test the usability of our code/site and not testing the users ability. It is our fault, not theirs. - Validate client assumptions - User focus is best practice - Validate client assumptions - Inform your design decisions (to debate) - Show success over time - Grow as a practitioner (ex: hamburger icon) ### Strategy: - Project constraints + priorities = benefit ### Constraints: - What is the test budget - How many tests can we run? - Who’s in charge of recruitment? - Do we have demographic requirements? - Are participants local? ### Testing Options: - Moderated vs unmoderated - In-person vs remote - Desktop vs mobile ### Tools: - [InVisionApp.com](http://InVisionApp.com) - [TryMyUI.com](http://www.trymyui.com) ## Understanding Security Holes – [George Stephanis](http://stephanis.info) - For SQL Injection protection – don’t accept random strings. Be specific. Validate the user input. - Sanitize early – understand your content. PHP functions or WP functions, custom function or regex - Escape late – when you output, it may need to escape differently depending what it is going into. Understand the context of how the data is used. - Focus on the users when you get an error message. Reply to the user ASAP acknowledging that you are looking into it. - Confirm with the reporter that if you think you fixed the issue that it has for them as well. - Email before shipping an update. - PHP Code Sniffer can catch some insecure code – but automated tools often lead to a false sense of confidence. ## Searching for a better WordPress Search – Russell Heimlich - WordPress search is notoriously slow, no options or customizations, and has irrelevant results - WP is not a search engine. Default search is always going to be basic. - WP searches are sorted by relevancy since 3.7 - Priority in search results: Full sentence matches in post titles, all search terms in post titles, then any terms in post title, then sorted by date - Plugins: [Relevanssi](https://wordpress.org/plugins/relevanssi/) (search custom post types, taxonomies, fields, and options!), [Google CSE](https://wordpress.org/plugins/google-cse/) (uses Google for the processing, integrates with your theme, index built through crawling, but also pay per number of searches), Russ’s [Search Plugin](https://github.com/kingkool68/searching-for-a-better-wordpress-search) (redirects to Google) and [ElasticPress by 10UP.com](https://github.com/10up/ElasticPress) ## To be continued after lunch….