WordPress Articles from David Hayes

David B. Hayes is co-owner of WPShout. He's been using WordPress since 2007, and has a mature love (like an old married couple) for the content managment system. He's done loads of client work with it, uses it on a variety of personal projects, and generally thinks it's worth most people keeping it in their toolbox.

In addition to WordPress, he's into cycling, board games, and civic tech (running Code for Fort Collins). He also loves coffee and write about it at LowKeyCoffeeSnobs.com. And lastly (for this space) he writes about code beyond WordPress at Thoughtful Code.

More than you need to know about WP’s Database

I really love this little tour from Iain Poulson at Delicious Brains about the WordPress database. There isn’t a lot in this that I didn’t know or couldn’t guess. That may well be true for you too. But if you don’t feel like you know WordPress’s database well (or even if you do) you can’t really compete with how simple and approachable its whole format it. By simply listing each of the database’s table and explaining what each column does, you can’t read this article and not have *profoundly* deepened your understanding of WordPress’s database and how it works. So please give it a look 🙂




Searches for WordPress Have Surged

A quick little uplifting story I missed a few weeks ago: as the COVID-19 lockdowns were setting in worldwide, more and more people were doing web searches for “wordpress.” Or so reports Alex Denning, the original creator of WPShout, and a reliable man in my book.


Preventing a WordPress XSS Attack: Complete Guide to Validating, Sanitizing, and Escaping Data

sanitization kit against xss attack

When it comes to making your WordPress site secure as a developer, probably the most impactful thing you can do is make sure you always clean up data that your code receives from users. That means, generally, two things, validating or sanitizing it on the way into your system. And escaping it on the way out, reducing the chance of a WordPress XSS attack. WordPress Cross-site Scripting attacks are one of the most common ways people compromise sites. So today we’ll cover how they work.