WordCamp New York City 2009

Mark Jaquith

WordPress plugins are infinitely powerful. This power makes WordPress great, but it also gives plugin developers the ability to shoot themselves (and the users of their plugins) in the foot. This technical and code-heavy presentation will teach plugin developers the skills they need to write plugins that will never be a security liability to their clients and users.

You’ll learn the functions to use, when to use them, attitudes and best practices to avoid security holes, as well as explanations of why they are holes — which will hopefully help hone your sense of skepticism so that you can stay ahead of the curve and start protecting against tomorrow’s attack vectors. I will also be holding an unconference workshop session on plugin security where we can go through your plugin code and identify problem areas. I normally charge lawyerly rates for this kind of code review — you should definitely take advantage! I’ll announce the time and place of that workshop session during the main security talk session, which is at 1:30pm on Saturday.

Brad Williams

WordPress Security isn’t the sexiest topic, but with a little chastity belt reference and some hot security tips I plan on changing that!  Security is a major concern for all website administrators and WordPress powered websites are no different.

Imagine losing all of your content, including posts, media, and comments. Even worse imagine spam links hiding in your content destroying your search engine ranking. Keeping your website safe from hackers and bots should be a top priority for anyone running their own website. In this presentation I’ll cover the essential WordPress Security tips that ALL WordPress administrators should use to keep your website safe and secure.

Is your WordPress website as secure as it can be? Do you have spam links hidden in your site? How many of these tips do you follow? You’ll have to attend my presentation to find out!

Amanda Blum

Having been a backseat driver on the 501c3 bus for 25 years, I speak Bleeding Heart fluently. I’ve seen that most non-profits suffer from the same issues:
— PR/Marketing departments not integrated with tech departments, a failure because of the way marketing works in 2010.
— Design has been prioritized over function in website considerations.
— Without solid tech counsel, organizations are slaves to paid software and/or webmasters.

Your Website is Not the Bastard Kid of Your Org
I know all the issues: staff stretched thin, high turnover, volunteer training timesuck, lack of resources/ funding, and nepotistic hiring practices (“My nephew Mervin can put us on the interwebs for free!”).  Can WordPress solve these problems? Of course not…but it can turn your website from a time and resource drain into a highly functioning marketing and service delivery tool, and help reduce many of these problems at the same time. Stop thinking of WordPress as a blogging tool: it is a highly powerful Content Management System (magic website manager).

Bleeding Heart meets Bleeding Edge
I am like a kid with cake when it comes to convincing non profits about WordPress as a way to reduce costs, maximize efficiency and most importantly- sell your cause.

• WordPress is budget friendly (and by “budget friendly”, I mean “free”)
• WordPress isn’t going anywhere.
• WordPress development and design help is easier/ cheaper because it is the most popular CMS on the planet.
• A breathtaking number of WordPress training guides and support exist for users.
• WordPress is scalable to grow with your organization.
• WordPress is flexible in appearance and can change as needed.
• WordPress plugins offer utility and functionality that allow non profits to streamline interior and exterior processes to better serve constituent groups.
• WordPress user levels allow you to distribute workload amongst many staff/volunteers without liability or security concerns
• WordPress’s ubiquity on the planet makes it likely volunteers already have experience with the system (easier to find volunteers/less time training them)
• WordPress’s widgets and plugins allow easy (read: cheap) ways to grow into and integrate social media, email marketing, donations, forms and calendars into your website.
• WordPress, being web based, is accessible from any internet connection. You can work remotely, you can access it from the field, and you never have to worry about crashing software/hardware.

I am Funny. WordPress is Not.
WordPress is a serious Mofo. I’ve yet to encounter a non profit that couldn’t be better served by the wonder that is WP, but let’s test the theory. We’ll cover all the reasons that WordPress can rock your world, how to convince the board, and where to start on your WP project with a little time left over for “Stump the Redhead.”   See you Saturday, after lunch, in the CMS track.

Jeremy Clarke

Hey WordCampers, hope you’re having fun gearing up for what will undoubtedly be a pretty insane Saturday of website goodness. I’ll be doing two separate talks in the ‘advanced dev’ track so I’ll post both descriptions below. Remember they are not at the same time, you can come to one but not the other if you want.

Code Faster and Smarter PHP with IDEs and Other Free Tools

This talk is aimed at people who are already writing PHP to some degree for their WordPress work. If you’re just writing HTML and CSS an IDE might be the right tool for you, but most of its features won’t apply. If on the other hand you are doing any of the following, and haven’t tried (or haven’t REALLY tried) an IDE you are missing out on industry-standard awesomeness:

• Writing PHP functions
• Creating PHP objects
• Using the WordPress API seriously, reading the source to see how things work.
• Creating custom plugins/complex themes
• Getting frustrated with how dumb most tools are compared to smart tools you use for other things like word processing or spreadsheets.

Simple efficient tools are fast and easy to use, but they don’t understand the code you’re writing. I’ll talk about and show you how Integrated Development Environments (IDEs) like NetBeans or Eclipse (both are Free Software and cross-platform), can take care of a lot of the tedious annoying work to let you focus on getting things done with your code.

The switch to using Netbeans has changed the way I work and I don’t think I could ever go back. If you haven’t tried working with an IDE, or even if you have and got scared, this talk will walk you through the why and the how of saving time and headaches by committing to one. I’ll also cover using PHPXref, a simple alternative to IDEs that offers a lot of the same utility without changing any of your code workflow. If you’re planning to attend consider installing NetBeans beforehand so you can follow along.

Tuning WordPress and the LAMP for Speed and Stability

Upgrading your hosting plan, your server hardware or your sysadmin budget are all acceptable ways of improving the stability and performance of your site, but with a little effort there is a lot you can do to squeeze more performance out of your existing setup without paying more.

This talk is targeted at site administrators who have control of their LAMP (Linux Apache MySQL PHP) server or are planning on upgrading to dedicated hosting soon but don’t really understand what they can do to make it go faster.

We’ll cover Apache and MySQL tuning and how to make sure your server isn’t misconfigured, a common problem with expensive repercussions:

• What are the components of a LAMP stack
• Tools for investigating server performance problems
• Editing Apache/MySQL config files
• Common Apache/MySQL config settings that need tuning
• Brief overview of front-end/WordPress-level caching that will save your life.

Thanks for reading guys, hope to see you there, I know I won’t even be able to see all the talks I’m excited about.

Lisa Sabin-Wilson

This weekend we’ll all be at CUNY in NYC for a weekend of learning, sharing, networking, eating, drinking and soaking in all the amazing WP goodness that comes out of every WordCamp across the world.  I’m excited, aren’t you??  The tireless organizers of WCNYC have worked hard to put together a really fantastic line up of sessions….simply something for everyone.  I know how challenging it is to organize and event such as this – hats off to them for what is sure to be a pretty phenomenal weekend in NYC!

Speaking of sharing and socializing – – my session at WordCamp NYC is aimed towards introducing bloggers to the BuddyPress – a  suite of plugins available for the WordPress MU platform that is rich with features that allow you to take your WordPress MU site to the next level by engaging a community on your own web site  through dynamic features such as:

• Extended Profiles
• Friends
• Private Messaging
• Activity Wires
• Blog Tracking
• Status Updates
• …and more!

My session introduces you to the features available, aimed toward helping you make the decision if BuddyPress is right for your site, and has features that you would like to add to enhance and grow a social community on your own domain.  Many people, wrongly, state that BuddyPress is “Facebook in a box…” – – I think even I have wrongly made that statement in the past.  It’s not Facebook, at all.  Running a Buddypress community on your own site makes it a good deal more targeted to your specific niche community, allowing you to build a full and interactive social network around the specific niche topic and interests that you have full control over on your own site.  Where Facebook covers everything from Farmville to Mafia Wars – – your (BuddyPress powered) community can hone in, and concentrate, on specific topics and interests that you determine and guide.

My session explores the types of communities that are using BuddyPress, and how they are taking advantage of the available features to build, grow and sustain their own social community on their sites.  I will gives you some suggestions on useful plugins that will help you extend the available features on your BuddyPress powered site for your community members to take advantage of as they socialize, network, engage and interact within your community.  Finally, I will provide an explanation on the BuddyPress theme framework and a few tips I’ve come across in my work with BuddyPress that will help you dig in and customize your BuddyPress templates to give your own community a unique look that is specific to you and your community.

I have been working with BuddyPress since its early, infant days in the summer of 2008 when I discovered how truly amazing and powerful it is for building communities.  The development of BuddyPress has grown in leaps and bounds over the last year and continues to keep getting better every single day, thanks in no small part to Andy Peatling and the group of devs over at BuddyPress.Org.  I have been so eyebrows deep in BuddyPress over the past several months that I sometimes forget that there is a great big community out there that doesn’t yet know its power and potential! I hope to bring some of that BuddyPress joy to WordCamp NYC this weekend and share with you the wonders that I’ve discovered.

I’m really looking forward to meeting everyone!  I love the opportunity to meet WordPress (and BuddyPress!) users whenever I get the chance – – ping me on Twitter @LisaSabinWilson so I can add you and we can stay in touch in NYC and beyond!

Ron Rennick

It has been about 6 months since Matt announced that WordPress & WordPress MU would be merged into a single codebase. It took Andrea & I few days to get used to the idea. But, it didn’t take long before we were excited and looking forward to it. Time flies. We are 6 months closer.

Although the final implementation hasn’t been sketched out, once the merge has taken place, it’s reasonable to expect that any WordPress install running the latest version will be able to turn on the multiple blog functionality in a few minutes.

WordPress 2.8 has been downloaded over 8.2 million times. The potential is there for any of those WordPress admins to turn the multiple blog feature on to try it out which means that eventually nearly all plugins will be tried in a multiple blog scenario.

Many of the plugins available in the repository work in both WordPress and WordPress MU. But, not all plugins written for WordPress work the way they were intended when they are activated in WordPress MU. In this session, we will look at tips, tricks & traps of writing plugins compatible with both WordPress and WordPress MU.