A Solution to Limited Search

Written by Vasken Hauri, Vice President, Platforms & Systems at ElasticPress.io, one of our sponsors.

WordCamps are a great way to see the strength of the WordPress community up close. At WordCamp Seattle, you can connect with hundreds of WordPress developers, designers, and publishers. ElasticPress.io is proud to support the WordPress community as a sponsor of another WordCamp Seattle. There’s an indelible link between an open, collaborative internet, the strength of the tools and platforms that drive experiences on the web, and the community that builds it all. WordCamps provide an integral opportunity to grow and educate that community, which is why 10up—the company behind ElasticPress—has been sponsoring WordCamps since our founding back in 2011.

ElasticPress.io is 10up’s solution to the limited search features and other query bottlenecks endemic to WordPress core, especially when used at scale.

MySQL

You see, out of the box, WordPress uses MySQL to organize and store content—a popular database making WordPress accessible to developers, and making it possible for small sites to access cheap hosting. However, databases like MySQL aren’t optimized for freeform search and more complicated filtering and faceting. So much so that, by default, WordPress search only looks at post titles and content, omitting valuable data that might be stored in places like custom fields. Multifaceted queries—say, looking for (1) women’s (2) t-shirts in size (3) medium that are (4) in stock and (5) less than $30 are slow and taxing on hosts, and, with so many combinations, cannot easily be circumvented with conventional techniques like caching. This limits the options for large-scale databases or sites running in a shared hosting environment.

Some plugins work around some of these challenges in inspired ways, but most are restricted to mitigating unavoidable MySQL limits. The more your content grows—whether you’re a newsroom with thousands of stories or a store with hundreds of SKUs—and the more ways to filter that content, the more unavoidable the problem becomes. Plugins, like SearchWP and Relevanssi, do a good job of addressing the weaknesses inherent in default WordPress search, but we believe these best serve sites with smaller databases, or perhaps up to a few thousand posts. Larger sites will require a different solution.

Elasticsearch

This challenge, plaguing a rapidly scaling internet, spawned a new generation of “noSQL” content storage and search solutions—one of the most popular being Elasticsearch. Elasticsearch is an open-source, third-party service that can filter between different types of content, categories, tags, authors, date ranges, etc. It must be run on hosting accounts through a dedicated hosting environment. Further, it requires extensive configuration. With no structure inherent to itself, the setup of Elasticsearch requires the input of all data components, field types, languages, or any other custom elements your schema requires. This makes it a great option for sites supported by experienced development teams.

Seeing the need for a full-featured search solution for large-scale sites, and determined to help them keep pace and not “outgrow” WordPress, 10up created and open sourced ElasticPress, a plugin that acts as “smart glue” between Elasticsearch and your WordPress data.

The plugin requires Elasticsearch to be properly installed and configured, so ElasticPress.io, the complete, end-to-end search and query engine for WordPress.we felt there was still more we could do to support sites that may not have the technical staff or time to configure and maintain Elasticsearch. Technologies are also evolving rapidly—Elasticsearch is iterating and we’ve also been adding features and tuning search logic for the ElasticPress plugin. But some features require greater control of the server for adding modules and ensuring the security of all applications.

The complete, end-to-end search and query engine

So we created ElasticPress.io, the complete, end-to-end search and query engine for WordPress. Extending Elasticsearch technology, ElasticPress.io works with our ElasticPress plugin to seamlessly connect WordPress to a modern, high-performance solution enabling features like:

  • Weighted full-text search, including custom fields, tags, and other metadata;
  • Fuzzy matching with spelling suggestions;
  • Full-text search of popular documents formats like PDFs and Word documents;
  • Autocomplete recommended matches in the search bar (“autosuggest”);
  • Searching across all sites in a multisite;
  • Drag-and-drop “facet” widgets for high-speed filtering of content across multiple categories or taxonomies;
  • WooCommerce optimization, speeding up search results and product filtering so that customers can quickly and dependably find and buy the products they’re looking for.

Built to be extended.

Designed and engineered by our team at 10up, the ElasticPress plugin is built to be extended. WordPress developers can take advantage of its APIs, hooks, and other developer features to customize its default behavior and further tap into its potential for each project.

The ElasticPress plugin will always be free and open, and we plan to make every feature we can available for any Elasticsearch host, for teams who are up for tuning and managing their own hosting. For everyone else, our end-to-end ElasticPress.io solution starts at $79/month, and you can try it out for free for 14 days. Combined with our customer support, for most businesses and developers, we think this makes the benefits of ElasticPress and modern query engines accessible to a whole new part of the WordPress community.

Stop by our table and learn more about ElasticPress.io, or to chat WordPress development and open source. You can also follow along with us on Twitter, at @ElasticPressIO. We can’t wait to see you at WordCamp Seattle.

 

Don’t Break Your Live Site

Leveraging Staging Environments for Happier Customers

Written by Dwayne McDaniel, Developer Advocate at Pantheon, one of our sponsors.

Leveraging Staging Environments for Happier Customers

The best way to make sure that your users stay safe and your work remains secure is to update your WordPress site. The WordPress Security team works hard to ensure that new risks get addressed as soon as they arise. They provide their security fixes through the update system. Plugin and theme authors do the same. Applying new updates as they appear is, without a doubt, the best way to make sure your site stays safe.

But some updates can also introduce changes in how the software behaves. This happened in a core update as recently as the 4.2.3 release. That update changed how the Shortcode API functioned.  This resulted in a lot of support calls and a lot of hours of work for sites that had simple auto-updated.

Soon, a major update will once again change the default behavior of the world’s leading CMS. With WordPress 5.0, Gutenberg becomes part of core. This means the default editing experience is set to change. If your users not aware of this coming change, this might result in a busy day of support calls and extra work. How can we best prepare ourselves and our clients for the changes that an update might bring?

Enter the Staging Environment

When you update your site, don’t just do it on the live, production server.  Instead, first apply those updates in an identical, separate environment. This environment can have different names. Integration, Testing, Pre-production, or the most common, a Staging Environment.

Your Staging Environment should be as identical as the production environment as possible. In the best of worlds you will be able to make a fresh clone of your live production site before making any changes. This might be as simple as setting up a local development environment with the exact technology stack you are using for your live site. Most hosting providers will provide these Staging Environments as well. The leading managed hosting providers include these environments by default.

Update and Test Away

Once we have our Staging Environments, we can apply all available updates without fear of disruption on the production website. If all goes as expected, we won’t actually see anything break. Then we can push those same changes to our live environment without fear. If things break, then we have a chance to find a remedy before we apply updates to production. The only way to know if it did go as expected is to test.

Most simple testing can is manual. Looking at the home page and  a few other key pages.  Testing out forms and other functions might only take a few minutes. But as sites grow in size and complexity, manual testing becomes a time consuming feat. If we are being honest, manual testing every page and possible feature is monotonous and boring. It can become a neglected step.

The great news here is that there are many ways to automate the testing process. For visual testing, open source tools like BackstopJS or paid services like Percy or StagingPilot can automate testing every page and every <div>. For functional testing, we can look to tools that have arisen from Behaviour Driven Design, like Behat and it’s WordPress extension WordHat. We can also test out how these updates might affect performance, accessibility and SEO through use of Google’s Lighthouse, which comes with Chrome browser for free.

The Secret Is in the Separate Environment

The testing tools mentioned here are just a few examples of tools you can use to make your life easier as you make sure your sites are up to date.  The key to all of them though, is the ability to make and test changes safely away from your website’s live environment.

There are a number of awesome presentations at WordCamp Seattle this year that directly speak to the advantages of multiple environments and the power of automated testing. There are also a lot of WordPress professionals who will be glad to share their thoughts on these best practices and what tools they use. I am looking forward to the conversations.

In WordPress, You Have Community

WordCamp Seattle meets WordCamp Portland

As organizers, we are often asked by those not familiar with WordCamp, just what it is.  On the surface, WordCamp is a conference that focuses on everything WordPress. They are locally organized events which bring together everyone from casual users to core developers participate, share ideas, and get to know each other.

For those of us at WordCamp Seattle, WordCamp is about more than just WordPress. It’s about community. It’s about a diverse group coming together, supporting each other, helping each other, and contributing to who we are as people and not simply WordPress users.

“in any industry, you have peers. In WordPress, you have community.” ~ Keynote speaker Bridget Willard

What does community mean?

That answer will differ a bit for everyone. For most, being part of a community means understanding that your actions impact others. It means taking others into consideration BEFORE you act. It means being inclusive – that everyone is welcome. It means doing the little things so everyone feels welcome.

It’s why we have gender neutral bathrooms. It’s why those who don’t wish to be in photos can opt out with an orange sticker.

Dietary restrictions and allergies are always a concern when organizing an event. We chose to use lunch cards for various nearby locations again this year to provide attendees a variety of choices and to accommodate any requirements.

This concept of being welcoming – extends beyond WordCamp. Our local WPSeattle Community is hosting a pre-camp happy hour Thursday, Nov 8th.  It’s open to everyone! They will be providing the pizza (and of course they’ll have gluten free options and accommodate other allergies).

Community is not just local.

While each WordCamp has it’s own local community, the WordPress community is global. It’s important that we contribute to the greater community as much as we focus on our local one.

Over the past several years, a number of our organizing team headed south to WordCamp Portland. This year was no different with 2 of our team volunteering their time just a week before  our camp!

How you can contribute

If you’re looking for ways to contribute or give back to the community, there’s still time to volunteer or consider transcribing video on WordPress.tv, answering support questions on WordPress.org, or testing the next version of WordPress.

If you’re unsure, you can get an intro to this in our Contributor Room on Sunday

What does community mean to you?

With WordCamp Seattle less than a week away, take a moment to think about what community means to you and share your thoughts with us.

Dealing with Cybersecurity

Written by the team at Polyverse, one of our sponsors.

Dealing with cybersecurity beyond the attention-grabbing headlines can challenge your worldview. One quickly realizes that while billions of dollars continue to be invested in identical solutions, there is a dramatic increase in high-profile security breaches with no end in sight. Every week Polyverse puts out a blog on data breaches for that week; needless to say, there is never a lack of content.

Polyscripting

It has been an interesting transition from being a student less than a year ago, to working on and building my own product at a cybersecurity startup. I started at Polyverse in June working on an open-source project that could eradicate code injection attacks. It was my first job in tech and it was hard not to be skeptical when the CEO and CTO described the project as “a way of fixing the internet”. This was reinforced by the number of skeptics I ran into every day. However, once I understood the philosophy and thought behind Polyscripting my skepticism was replaced by excitement. An excitement that is fueled further every few weeks when another exploit, vulnerability, or breach is announced that the solution I am working on would have prevented.

Moving Target Defense

Polyverse employs the philosophy of Moving Target Defense for cybersecurity. By changing our systems to be unique on demand, such that an attacker finds them unfamiliar, we can defend against the attacker by moving what they target. To explain MTD very simply: imagine a hacker builds an exploit that relies on a set of conditions that must be met in order to achieve their malicious intent. Since it is trivial to recreate almost any system in use today, being that they are all identical, the attacker is able to figure out how to exploit these set of conditions at their convenience—after all the target system isn’t changing and they have all the time in the world.

Moving Target Defense breaks that assumption. If the set of conditions are not identical across all systems, and furthermore they are changing frequently, the attacker is thwarted on two fronts: they have no way of recreating the conditions on the target system, and they have a very small window of time in which to exploit it. This eliminates the attack vector as a whole. While guarding against an exploit sounds tempting, it is sometimes impossible to know that a vulnerability even exists at all until it has been tragically exploited.

The “Killer App” of the PHP programming language

WordPress is the most dominant Content Management System on the planet. Its turnkey applicability from entry-level hobbyist blogs to hosting content for the largest corporations, all while being open-source and free, makes WordPress the most popular choice for building websites today. WordPress is the “Killer App” of the PHP programming language. The tight symbiosis between the two, also directly ties it to PHP’s baggage and vulnerabilities. One of the many vulnerabilities that plague PHP (and by extension, WordPress) is code injection and remote code execution attacks. This type of vulnerability is unique in that it can only be fixed by patching the code. Without a fix from PHP or WordPress, it cannot be easily mitigated against by average users.

My project, Polyscripting, aims to stop code injection and remote code execution exploits in PHP once and for all. Although PHP is reliable, fast and relatively easy to learn, it is vulnerable to a comprehensive list of bugs. This is not helped by the vast number of live WordPress websites that are still using legacy (no longer patched/supported) PHP. This tight coupling between PHP and WordPress can often lead to a PHP language vulnerability (of which there are plenty), being synonymously reported as a flaw in WordPress. The two are inseparable.

Polyscripting applies the aforementioned Moving Target Defense philosophy to vulnerable server-side languages like PHP while being entirely open-source and free. It achieves this by changing the language at compile time. This means that the syntax and grammar that the language will understand is completely unique and randomized. Polyscripting gives your site its own unique programming language that is generated on the fly, and thus unknown to any attacker. You can see where this is going – if an attacker does not know the language, they cannot exploit it.

Functionality

Functionally the website works exactly the same. It is written and maintained in PHP, but when the source code gets pushed to production, the language on the server is one that has been generated unique only to that server. The site’s source code is simply transformed to match the new language. The result: a website that no longer understands standard PHP code, yet functions exactly as intended. A malicious actor does not know that, and any attempt to inject and execute PHP code, as they will mistakenly do, will result in a syntax error, rather than a data breach or other unauthorized access. This kills two birds with one stone: The attacker is stopped completely against a vulnerability we don’t yet know exists, and thanks to a syntax error, we now detected the vulnerability! The attack didn’t work, and the hack helped us fix the root cause.

Nothing to sell, Nothing to gain

Polyverse is convinced this methodology is a game changer and is, therefore, building Polyscripting for PHP under a liberal open source license. Polyverse is sponsoring Seattle’s WordCamp 2018 to introduce the benefits of Polyscripting to the WordPress community. Polyverse is a unique sponsor in that we have nothing to sell, nothing to gain, except perhaps spreading the idea of a new way of thinking about Cybersecurity. Polyverse’s mission is to build tools that are simple to use by operators and developers, completely seamless and transparent to end-users and consumers, and actually stop zero-day exploits that are completely unknown.

With Polyscripting enabled, WordPress remains WordPress for the bloggers, content writers and business owners. For those developing on WordPress or providing hosted WordPress, or those hosting WordPress, Polyscripting strives to maintain the exact same flow used today – working transparently. For an attacker attempting to execute code remotely, Polyscripting gets in their way.

To make it even easier to use Polyscripted WordPress, Polyverse has partnered with managed WordPress hosting provider, PressCaptain, with whom we are working to ensure we stay true to our cause of ensuring that usage is simple, maintainable, scalable, and obvious.

Powerful even in its Infancy

Polyscripting is an idea that is powerful even in its infancy, but as more people use and improve it, the project has the potential to solve a significant problem. Code injection is a real problem and despite the numerous existing solutions that claim to prevent these attacks from happening, new vulnerabilities are exploited and remote code execution is still happening consistently. WordPress is the perfect target for these kinds of attacks, being widely used and built with a language known for excessive vulnerabilities. That makes WordPress the perfect use-case for Polyscripting. To read up more check out https://polyverse.io/polyscripting/ or visit the open-source GitHub repos.

https://github.com/polyverse/polyscripted-php

https://github.com/polyverse/ps-WordPress

Get to Know Your Flight Crew – Tamara Hanks

Tamara Hanks, wcsea 2018 graphic designer

Since those behind the scenes of WordCamp mostly go unnoticed, we decided it would be a nice twist to introduce you some of this year’s crew:

Tamara Hanks, Graphic Designer  

  • What do you do for a living? Tamara Hanks, WordCamp Seattle 2018 graphic designer

    I am a freelance graphic designer specializing in logo and print design. I work part-time for Care Net of Puget Sound as a marketing specialist, designing all of their print media, video content and site updates.

  • How do you use WordPress?

    I use WordPress for my website and at Care Net of Puget Sound.

  • How did you end up involved in WordCamp?

    Robert Nissenbaum and Rhona Negard got me hooked up last year and I enjoyed the two-day conference – which is a huge value for so little money. I was asked to contribute my graphic design skills to this year’s conference. I’m learning more and more about WordPress as the weeks go by.

  • What’s your guilty pleasure/hobby/outside of work passion?

I enjoy going to the movies with my family. Poldark is my favorite show right now. My favorite coffee is a vanilla breve. And I would eat tacos every day of the week if I could.

How to get in touch with Tamara:

Linkedin
Instagram
Twitter

When you see Tamara at WordCamp Seattle in Nov, be sure to say hello and thank her for all her hard work and time volunteering to make WordCamp 2018 the best one yet.

Adding Voice and Text Capabilities to WordPress

by Peter B. MacIntyre, ZCE  

DISCLAIMER: We have not tested this code.

Recently I came across RingCentral (one of our sponsors), and their way cool suite of communications products.  With RingCentral, companies are able to take their traditional phone system into the cloud (letting them have multiple numbers ring, make calls from their office phone, laptop, or cell phone, and letting them configure their phone system through an online interface).

But beyond the traditional phone system, RingCentral also provides numerous APIs and widgets via the Developer program – letting their customers make phone calls, send text messages, build out team messaging and interactions, schedule meetings, and even send faxes (if that’s still a thing) all online programmatically.

Seeing all of these capabilities made me start to wonder, what could I as a WordPress developer do with them?  And how could these features help my customers?Naturally, that meant it was time to build a WordPress plugin.  Specifically one that would let users subscribe to be notified via text message when new blogs were posted, but also that would let administrators make phone calls and send SMS messages from within the WordPress admin.

Jumping into the Code

To get started, I created a basic WordPress plugin skeleton. Create a folder under the wp-content/plugins folder structure and call it the same name as your plugin “/ringcentral” in our case. Then have a PHP file named the same as the folder within that folder: “ringcentral.php” in our case. Also, in that folder you should have a file called “uninstall.php” that will be used if the plugin is to be removed at any time. This will have any commands in it that will allow the plugin to remove itself from the WordPress environment and also tidy up after itself in the database if that is required. The overall folder structure should look like this including folders for all the supporting cast of characters (technology) that you may use over time. The “includes” folder is where you would place the majority of your plugin’s PHP code.

Within that “ringcentral.php” PHP file you should have the basic comment header that describes the plugin and any licensing that goes along with it, typically the GPL2 license is used. Here is a generic example that would be in this path    wp-content/plugins/my-own-plugin/my-own-plugin.php:

/*

Plugin Name: My Own Plugin

Plugin URI: http://paladin-bs.com/mage/

Description: My Own Plugin Admin System

Author: Peter MacIntyre

Version: 0.25

Author URI:  http://paladin-bs.com/peter-macintyre/

Details URI: http://paladin-bs.com

License:     GPL2

License URI: https://www.gnu.org/licenses/gpl-2.0.html

My Own Plugin is free software: you can redistribute it and/or modify

it under the terms of the GNU General Public License as published by

the Free Software Foundation, either version 2 of the License, or

any later version.

My Own Plugin is distributed in the hope that it will be useful,

but WITHOUT ANY WARRANTY; without even the implied warranty of

MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the

GNU General Public License for more details.

See License URI for full details.

*/

After this typical heading, you would start your code. Keeping in mind that usually you are creating a plugin with an admin menu component, you would add in a basic menu structure with code like this:

/* ===================== */

/* Make top level menu            */

/* ===================== */

function My_Own_Plugin(){

   add_menu_page(

       ‘My_Own_Plugin Admin Management Page’,  // Page & tab title

       ‘My Own Plugin’,                        // Menu title

       ‘manage_options’,                      // Capability option

       ‘MOP_Admin’,                            // Menu slug

       ‘MOP_config_page’,                  // menu destination function call

       ‘dashicons-admin-multisite’,            

// use a dashicon available in WordPress

                      // https://developer.wordpress.org/resource/dashicons

               // plugin_dir_url(__FILE__) . ‘images/My_Own_Plugin_icon.jpg’,
                        // or add your own custom menu icon

       80 );                                // menu position level

    

   add_submenu_page(

       ‘MOP_Admin’,                               // parent slug

       ‘My_Own_Plugin System Configuration Page’, // page title

       ‘System Config’,                           // menu title – can be different than parent

       ‘manage_options’,                          // options

       ‘MOP_Admin’ );                             // menu slug to match top level (go to the same link)

   

   add_submenu_page(

       ‘MOP_Admin’,               // parent menu slug

       ‘Do Something Cool Page’,  // page title

       ‘Do Something Cool’,       // menu title

       ‘manage_options’,          // capability

       ‘DSC_upl’,                 // menu slug

       ‘DSC_html’                 // callable function

       );

Then calling the add_action hook to run the My_Own_Plugin menu building function, and sub-menu functions.

add_action(‘admin_menu’, ‘My_Own_Plugin’);  // call add action func on menu building function above

Done right this will create a new plugin entry on the inactive tab of the admin plugin section. Activate the plugin and you should see a new menu item structure that should look like this.

 

 

 

Adding the Virtual Phone

One of the nicer elements of RingCentral Developers is that they offer a copy and paste widget.  This meant that I could add the virtual phone to the admin with the following HTML snippet:

<script src= “https://ringcentral.github.io/ringcentral-embeddable-voice/adapter.js”></script>

However, I wanted to go a little bit further, giving the administrator the ability to not only use the API to send SMS messages, but also be able to turn different features of my plugin on or off.  

To do this, I built a basic page for the WordPress admin area and jazzed it up with a logo or two. I added a checkbox to turn on or off the embedded phone tool and kept that value in a database table I created.

 

 

 

A quick tangent: be sure to write your SQL code with security and stability in mind. By this I mean that you should be using SQL prepared statements as one means of defense, it will save you a lot of headaches. Also on the stability point, when creating a plugin that will change and improve over time be sure to write your SQL table alterations (in an activation subroutine) with the dbDelta WordPress function; you’ll be glad that you did.

Next I wrote a simple “admin_footer” action in the plugin that would call a function to interrogate the DB value and show or hide the phone app accordingly.

/* ============================================= */

/* Add action for the ringcentral Embedded Phone app toggle   */

/* ============================================= */

add_action(‘admin_footer’, ‘ringcentral_embed_phone’);

/* ====================================== */

/* Add custom footer action                                          */

/* This toggles the ringcentral Embedded Phone app  */

/* ======================================= */

function ringcentral_embed_phone() {

   global $wpdb;    

   $result_rc = $wpdb->get_row( $wpdb->prepare(“SELECT `embedded_phone`

       FROM `ringcentral_control`

       WHERE `ringcentral_control_id` = %d”, 1)

   );  

   if ($result_rc->embedded_phone == 1) { ?>

    https://ringcentral.github.io/ringcentral-embeddable-voice/adapter.js

   <?php }

}

The neat thing about the “admin_footer” action call is that it inserts my defined function call in every page of the admin interface thus allowing the phone app to be accessible anywhere within the WordPress admin area.

And just like that I now had my virtual phone in WordPress!

 

 

 

 

 

 

 

Adding in SMS Notifications

While the virtual phone let me manually send SMS messages and make phone calls from the admin, I wanted to let my readers (and my customer’s readers) get SMS notifications about new blog posts automatically.

To do this, I built a widget interface asking site visitors if they want to sign up for news feed notifications (blog announcements) when new posts are published on the website.

 

 

 

 

 

 

When a user signed up, they would then be added to the database, and receive an email notification asking them to confirm their email address, an SMS notification asking them to confirm their phone number, or both.

To send an email notification, I simply used the pre-existing wp_mail function, but to send SMS messages I would need to call the RingCentral API.

Adding in the RingCentral API

Thankfully, RingCentral provides a full PHP SDK that lets you take advantage of all their API calls, without having to understand cURL, adding attachments (for MMS or fax), or boundaries (don’t even ask).  You can get the RingCentral SDK using Composer by running the following command:

php composer.phar require ringcentral/ringcentral-php

And then including the RingCentral SDK with the vendor autoload file:

require(‘vendor/autoload.php’);

Now calling the RingCentral PHP SDK class is as simple as:

$sdk = ringcentral_sdk() ;

Sending the Text Message

Now was the time for the moment of truth.  I built a function using RingCentral’s SDK to send text messages, wrapping it in a try/catch, like so:

try {

       $apiResponse = $sdk->platform()->post(‘/account/~/extension/~/sms’,

           array(‘from’ => array(‘phoneNumber’ => ‘$config[‘ringcentral_number’]’),

               ‘to’ => array( array(‘phoneNumber’ => $mobile_contact[‘mobile’]) ),

               ‘text’ => $message ) );

   } catch (\RingCentral\SDK\Http\ApiException $e) {        

       $apiResponse = $e->apiResponse();

       $return_message = “There was an error broadcasting to the mobile list. => ” . $apiResponse;

   }

In the case of this function, I would pass in $sdk and $config as globals, and pass the $mobile_contact and $message as parameters, letting me reuse the function for each subscriber within a loop.

And needless to say – it worked!  Well sort of… my friends in the US and Canada received the text without any problem.  But it turns out, to protect users RingCentral requires you to enable international SMS messages for the API (as domestic text messages are free, but international texts usually cost more due to carrier fees).  This means to use RingCentral SMS internationally, you’ll need to enable this on your RingCentral account (and also be very conscious of how many international messages you’re sending).

One solution I came up with was to limit the SMS subscriptions to North American numbers only, while letting everyone receive email notifications.  This was as simple as implementing a quick regex to validate the phone number and the country code.

if (!preg_match(‘/1[0-9]{9}/’) {

   echo ‘Only US Numbers are supported at this time.’;

}

Next Steps

With RingCentral’s platform, the sky’s the limit – as you have the ability to not only create SMS notifications, but start video meetings and build in real-time, rich messaging that can be accessed from within your app, via the RingCentral App, and on the go.

The same goes for this plugin.  While it now supports the virtual phone widget and SMS notifications, I’m excited to see what else we can add to it, and how we can take advantage of real-time communication tools inside of WordPress.

If you happen to be at either WordCamp Seattle, or RingCentral’s ConnectCentral conference in San Francisco I’d love to talk to you more about how I built the plugin, it’s current status, and what the future holds.  And, of course, if you’re looking for a WordPress developer – Paladin is open for business!

You can also get more information about this plugin, including when it is officially released at https://paladin-bs.com/contact/ (please use “RC API Plugin” as the subject).

 

=====================

Peter MacIntyre has over 28 years of experience in IT, primarily in PHP. Author of “Building Exceptional Sites with WordPress & Thesis” and “PHP: The Good Parts“; co-author: Programming PHP-3rd Ed & Pro PHP Programming, among others. Peter has spoken at PHP Central Europe (Warsaw, Poland); PHP[World] 2016 (Washington, DC); ZendCon 2016 (Las Vegas), NortheastPHP (Boston), CA-World (New Orleans); CA-TechniCon (Köln, Germany); and CA-Expo (Melbourne, Australia).  Peter is a past co-chair and co-founder for the Northeast PHP Developer’s Conference, and is Zend certified for both PHP 5.3 and 4.0.

7 Tips to Kickstart Your New Website

7 Tips to Kickstart Your New Website by SiteGround

Written by the team at SiteGround, one of our sponsors.

The fall season is a great time to start with the projects you’ve been putting off until now. Whether it’s a freelance career or a business idea, one thing is sure – you will need an attractive and functional website to help you share it with the rest of the world. To help you out, we’ve made a list of 7 important assets and tools that will let you start, protect, and manage your new website.

Domain name registration

The first important step is having your own domain name, instead of a free service subdomain. It not only makes it easy for your company to be found online, but it also brings credibility to visitors and potential clients.

Since .com domain names are almost always taken, you can use this chance to play around with your domain extension and get anything from .bike to .coffee, for example.

Email accounts connected to your domain name

Another absolute must is having an email account that matches your domain name. A custom, branded email address will make you look professional. It also helps those receiving an email from you find out your website, so look for a web hosting company that provides you with that key option.

Apart from the administrative features like domains and emails, it’s good to be forward-thinking and take some website security measures on time. There are many things that go behind making your website and connection secure and some of these processes might be complex and time-consuming.

Luckily, managed web hosting can help you a lot in that direction. Managed hosts handle all complicated technical aspects of hosting like software installations and updates, server security, optimization and many other things which you should take care of if you’re running a server yourself.

SSL certificate

The bare minimum for any website security is the SSL technology that 

Kickstart Your New Website by SiteGround

protects the data which goes from your website to the server. To take advantage of it, you need to install an SSL certificate that will encrypt and protect sensitive data like credit card numbers, personal information, data transfer, logins and similar.

When you have an SSL certificate, a padlock icon will appear next to your website URL in the browser, indicating that your connection is secure and that you have a valid SSL certificate. Some managed web hosting providers have made installing them super easy and quick. So don’t miss to take advantage of this great technology.

Auto-updates and backups

Updating your WordPress and plugins regularly is critical for website security as well, but it can be a tedious task. The same goes for backing up your website, files, databases, and emails. The smartest thing you could do is using automated tools that can update and back up your website when needed. That way you have peace of mind that if something happens to your data, you will always have a recent backup to restore.

CDN and caching

CDN (Content Delivery Network) and caching are widely-used technologies and a must if you have visitors from different countries and you want to improve your site speed. The CDN will distribute copies of your website to different servers and when a user requests to visit your site, it will be loaded from the closest server geographically. This will dramatically improve your site speed.

Caching, on the other hand, will keep the static content of your website in a temporary storage area, thus improving your website performance. With a good caching solution, your website will be as fast as a static page.

There are many free and paid solutions you can choose from. If you’re not sure, your managed hosting provider will be best suited to advise you how to easily enable caching for your site.

When working on your website, have these technologies in mind and select or switch to a reliable hosting provider that can help you easily implement them, so you can focus on what’s more important – developing your content and ideas.

Get to Know Your Flight Crew – Kyra West

Kyra West traveling in Hong Kong

Since those behind the scenes of WordCamp mostly go unnoticed, we decided it would be a nice twist to introduce you some of this year’s crew:

Kyra West, Volunteer Wrangler

  • What do you do for a living? 

    I’m the Marketing Associate for Cindy Kelly & Associates at Compass. I’m in charge of our print and digital marketing, as well as social media and the blog.

  • How do you use WordPress?

    Mostly through the cindykelly.com blog posts – I’m a WordPress newbie!

  • How did you end up involved in WordCamp?

    I had a friend who was involved last year and was so enthusiastic about it that I had to come see what it was all about! It seems like a great way to increase my knowledge of WordPress and the community in Seattle.

  • What’s your guilty pleasure/hobby/outside of work passion?

    Volunteer Wrangler, WordCamp Seattle 2018

I joke that I’m a retiree at 30- I love nothing better than reading, puttering in my garden, and redecorating my house. After living in Hong Kong for a couple of years, my fiance and I are thinking about just going on a cruise for our next travel adventure.

And, I’ve just received a sewing and embroidering machine so I’m ready to start embroidering ALL THE THINGS.

 

How to get in touch with Kyra:

Linkedin
Instagram
Twitter

When you see Kyra at WordCamp Seattle in Nov, be sure to say hello and thank her for all her hard work and time volunteering to make WordCamp 2018 the best one yet.

Get to Know Your Flight Crew – Karen Howell

karen howell wcsea WordCamp Seattle 2018 swag and registration wrangler

 

Since those behind the scenes of WordCamp mostly go unnoticed, we decided it would be a nice twist to introduce you some of this year’s crew:

Karen Howell, Registration and Swag Wrangler:

  • What do you do for a living? karen howell wcsea WordCamp Seattle 2018 swag and registration wrangler

    I’m a founder and developer at The May Creative where I build custom themes for business owners in collaboration with designers & design agencies. I also consult helping businesses owners strategically engage online.

  • How do you use WordPress?

    I use it every day to help businesses run their business as well as my own through theme creation and blogging.

  • How did you end up involved in WordCamp?

    I attended last year and had such a great time within the WordPress community I decided to volunteer this year.

  • What’s your guilty pleasure/hobby/outside of work passion?

For fun I’m a beauty blogger – a maven, sharing makeup techniques and looks for women. It’s how I got started with WordPress. Plus I adore coding. It’s my hobby and career 🙂

How to get in touch with Karen:

Linkedin
Instagram
Twitter

When you see Karen at WordCamp Seattle (look for the hat) in Nov, be sure to say hello and thank her for all her hard work and time volunteering to make WordCamp 2018 the best one yet.

Get to Know Your Flight Crew – Robert Nissenbaum

Robert Nissenbaum, Lead Marketing Wrangler

 

Since those behind the scenes of WordCamp mostly go unnoticed, we decided it would be a nice twist to introduce you some of this year’s crew:

Robert Nissenbaum, Lead Marketing Wrangler:

  • What do you do for a living? 

    I provide brand, content, and social media marketing through my agency, Tactical Social Media.

  • How do you use WordPress?Robert Nissenbaum, Lead Marketing Wrangler

    I started building WordPress sites to prove a point about how social media and content marketing, when used correctly, could drive SEO and web traffic in a purely organic way – no keyword focus, no external linking building techniques. As apart of my agency, I work with developers to build/redesign client sites as part of creating a complete (effective and measurable) online marketing system.

  • How did you end up involved in WordCamp?

    WordPress is a core foundation piece for my business and methodology, but It was Bridget Willard who got me involved. I was a volunteer in at my first camp in  2016 (Seattle), handled the social media in 2017, and now as the lead marketing wrangler for 2018. I have helped with social media at Portland in 2017 as well as having spoken at camps.

  • What’s your guilty pleasure/hobby/outside of work passion?

I am an avid sea kayaker – to the point that I am out several times a week in the surf year round (including paddling in snow over this past Christmas. I am part of the Washington Kayakers Club, support the kayaking operation through Metro Parks (including helping on guided paddles and teaching), and have a side gig repairing and selling kayaks (when not collecting them, on a spur of the moment paddle or racing.

How to get in touch with Robert:

Linkedin
Instagram
Twitter

When you see Robert at WordCamp Seattle (look for the hat) in Nov, be sure to say hello and thank him for all his hard work and time volunteering to make WordCamp 2018 the best one yet.

WordCamp Seattle 2018 is over. Check out the next edition!