This repository demonstrates the complete process of fixing a WordPress plugin to meet the official WordPress Coding Standards and WordPress.org requirements.
This project showcases a comprehensive workflow for WordPress plugin development using:
- Context7 MCP - Fetching up-to-date WordPress documentation
- WP-CLI Plugin Check - Validating code against WordPress standards
- Claude Code - AI-assisted development with best practices
- Git Version Control - Documenting the complete development journey
Hello Dolly is WordPress's classic example plugin, created by Matt Mullenweg. It displays random lyrics from the song "Hello, Dolly" by Jerry Herman in the WordPress admin area.
While it's a simple plugin, the original version had 6 coding standards violations that we've systematically fixed and documented.
The repository's commit history tells the complete story:
- Initial Setup - Claude Code documentation and workflow
- Original Plugin - Hello Dolly v1.7.2 with 6 violations
- Security Fixes - Proper output escaping and WordPress functions
- Text Domain Resolution - Understanding WordPress i18n requirements
- Folder Structure - Moving to proper plugin architecture
- Documentation - Adding WordPress.org compliant readme.txt
| Issue | Original | Fixed |
|---|---|---|
| License | Missing GPL header | β GPL v2 or later with URI |
| Security | No output escaping | β
esc_html(), esc_attr(), esc_html__() |
| Functions | mt_rand() |
β
wp_rand() |
| i18n | Missing text domain | β
Text domain: hello |
| Structure | Single file | β
Proper folder: plugins/hello/ |
| Docs | No readme.txt | β WordPress.org compliant readme |
This project demonstrates the recommended WordPress plugin development workflow:
# 1. Use Context7 to fetch WordPress documentation
context7 get-library-docs /websites/wordpress --topic "hooks filters escaping"
# 2. Write/modify plugin code following standards
# 3. Verify with WP-CLI Plugin Check
ddev wp plugin check hello
# 4. Commit with descriptive messages
git commit -m "Fix: Add proper output escaping for security"- DDEV - Local WordPress development environment
- WP-CLI - WordPress command-line interface
- Plugin Check - Official WordPress plugin checker
- Context7 MCP - Real-time WordPress documentation
- Claude Code - AI-powered development assistant
wordpress-claude/
βββ .claude/
β βββ claude.md # Claude Code workflow documentation
βββ wp-content/
β βββ plugins/
β βββ hello/
β βββ hello.php # Fixed Hello Dolly plugin
β βββ readme.txt # WordPress.org documentation
βββ .gitignore # WordPress-specific ignores
βββ LICENSE # GPL v2 License
βββ README.md # This file
β Missing "License" in Plugin Header
β mt_rand() discouraged - use wp_rand()
β Missing $domain parameter in __()
β Unescaped output: __() on line 67
β Unescaped output: $lang on line 68
β Unescaped output: $chosen on line 69
$ ddev wp plugin check hello
β
Success: Checks complete. No errors found.Always escape output - even when data seems "safe":
// β Wrong (vulnerable to XSS)
echo $variable;
// β
Correct (safe)
echo esc_html( $variable );
echo esc_attr( $attribute );
echo esc_url( $url );For proper internationalization:
- Text domain must match folder name (not filename)
- Single-file plugins:
plugins/hello.phpβ text domainhello.php - Folder-based plugins:
plugins/hello/hello.phpβ text domainhello
Use WordPress functions instead of PHP alternatives:
wp_rand()instead ofmt_rand()wp_remote_get()instead offile_get_contents()wp_safe_redirect()instead ofheader('Location: ...')
plugins/plugin-name/ # Folder matches text domain
βββ plugin-name.php # Main file
βββ readme.txt # WordPress.org docs
βββ languages/ # Translation files
βββ assets/ # CSS, JS, images
βββ includes/ # Additional PHP files
- WordPress 4.6+
- PHP 5.6+
- WP-CLI with Plugin Check installed
-
Clone the repository:
git clone https://github.com/openstream/hello-dolly.git cd hello-dolly -
Copy plugin to WordPress:
cp -r wp-content/plugins/hello /path/to/wordpress/wp-content/plugins/
-
Activate the plugin:
wp plugin activate hello
Run Plugin Check to verify all standards are met:
wp plugin check helloThis repository includes .claude/claude.md which documents the complete workflow for using Claude Code with WordPress development:
- Using Context7 MCP to fetch WordPress documentation
- Running
ddev wp plugin checkto verify compliance - Following WordPress coding standards
- Best practices for plugin development
See .claude/claude.md for details.
This repository serves as an educational example. Feel free to:
- Fork and experiment
- Study the commit history to understand the development process
- Use as a template for your own WordPress plugins
This project is licensed under the GPL v2 or later - see the LICENSE file for details.
- Matt Mullenweg - Original Hello Dolly plugin creator
- WordPress Community - For maintaining excellent documentation
- Plugin Check Team - For creating the validation tool
- Context7 - For providing up-to-date WordPress documentation via MCP
- WordPress Plugin Handbook
- WordPress Coding Standards
- Plugin Check Documentation
- WP-CLI Documentation
Note: This repository demonstrates WordPress plugin development best practices through the lens of fixing a classic example plugin. The commit history shows the complete journey from identifying issues to implementing proper solutions.