Code Development Plugin WordPress

Building a WordPress Plugin: Frontend Display with Shortcodes

/ by sajdoko | Leave a comment

blank

In our previous article, Implementing AJAX for Dynamic Content, we explored how to enhance the Quick Note Manager plugin by setting up AJAX for smoother and more interactive user experiences, covering client-side JavaScript, server-side PHP handlers, and secure data handling.

With a fully functional administrative interface for managing notes, the next logical step is to display this content on the public-facing side of the website. WordPress offers two primary, user-friendly methods for embedding dynamic content into posts, pages, and sidebars: shortcodes and widgets.

This article will cover the implementation of shortcodes. A [quick_notes] shortcode will be created, allowing users to display a list of their notes anywhere in their content.

Displaying Notes with a Shortcode

The WordPress Shortcode API provides a powerful way for developers to create simple macros that users can insert into their content to execute more complex code. A shortcode like [quick_notes] is more intuitive for a non-technical user than embedding PHP or HTML.

blank

 

Creating a Basic Shortcode

Registering a shortcode is done with the add_shortcode() function, which should be hooked into the init action. This function maps a shortcode tag (e.g., ‘quick_notes’) to a callback function that generates the output.


<?php
/**
 * Renders the [quick_notes] shortcode.
 *
 * @param array $atts Shortcode attributes.
 * @return string The shortcode output.
 */
function qnm_render_notes_shortcode($atts) {
    global $wpdb;
    $table_name = $wpdb->prefix . 'quick_notes';

    $notes = $wpdb->get_results("SELECT note, created_at FROM $table_name ORDER BY created_at DESC", ARRAY_A);

    if (empty($notes)) {
        return '';
    }

    // Use output buffering to capture the HTML
    ob_start();
   ?>
    <ul class="qnm-notes-list">
        <?php foreach ($notes as $note) : ?>
            <li><?php echo esc_html($note['note']); ?></li>
        <?php endforeach; ?>
    </ul>
    <?php
    return ob_get_clean();
}

/**
 * Initializes shortcodes.
 */
function qnm_shortcodes_init() {
    add_shortcode('quick_notes', 'qnm_render_notes_shortcode');
}
add_action('init', 'qnm_shortcodes_init');

blank

In this handler function, several key practices are followed:

  • The global $wpdb object is used to query the wp_quick_notes table for all notes.
  • Output buffering (ob_start(), ob_get_clean()) is used to build the HTML output as a string. This is crucial because shortcode handlers must return their output, not echo it directly.
  • The note content is escaped using esc_html() before being displayed. This is a critical security measure to prevent Cross-Site Scripting (XSS) attacks by ensuring any HTML within the note is displayed as text rather than being executed by the browser.

Adding Attributes to the Shortcode

Shortcodes can be made more flexible by accepting attributes. For instance, a limit attribute could control how many notes are displayed: [quick_notes limit="5"].

The shortcode_atts() function is used to parse these attributes, merging them with a set of default values. This provides sensible defaults and ensures the shortcode works even if no attributes are provided.

The handler function is modified to accept and process attributes:


function qnm_render_notes_shortcode($atts) {
    global $wpdb;
    $table_name = $wpdb->prefix . 'quick_notes';

    // 1. Define and parse attributes
    $atts = shortcode_atts(
        array(
            'limit' => -1, // Default: show all notes
        ),
        $atts,
        'quick_notes'
    );

    $limit = intval($atts['limit']);

    // 2. Build the query with the limit
    $query = "SELECT note, created_at FROM $table_name ORDER BY created_at DESC";
    if ($limit > 0) {
        $query .= $wpdb->prepare(" LIMIT %d", $limit);
    }

    $notes = $wpdb->get_results($query, ARRAY_A);
    
    //... (rest of the function remains the same)
    //...
}

This updated function now uses shortcode_atts() to process the limit attribute, validates it as an integer, and modifies the SQL query accordingly.

Next up is Security, Styling, and Distribution Best Practices. We’ll finalize the plugin by adding polished styles, strengthening security practices, comprehensive testing, and preparing your plugin for public distribution—wrapping up our series with practical guidance and a handy reference of core functions and hooks.

Tagged

You might also like

blank

Building a WordPress Plugin: Security, Styling, and Distribution Best Practices

Throughout this series, a complete and functional Quick Note Manager plugin has been built from the ground up. The core features—admin management, AJAX-powered submissions, and frontend display via shortcodes—are all in place. The final stage of development involves polishing the plugin to ensure it is secure, visually appealing, and ready for distribution. This concluding article […]

Read more »

blank

Building a WordPress Plugin: Implementing AJAX for Dynamic Content

In the previous article, Building a WordPress Plugin: Creating the Admin Dashboard Page, a complete admin interface for managing notes was constructed. While functional, every action, such as adding a new note, requires a full page reload. This behavior can feel slow and outdated. Modern web applications provide a more fluid experience by updating content […]

Read more »

blank

Building a WordPress Plugin: Creating the Admin Dashboard Page

This guide continues the development of the Quick Note Manager plugin. The first article, Building a WordPress Plugin: A Step-by-Step Guide,  established the plugin’s foundation, including the main file, a custom database table named wp_quick_notes, and activation/deactivation hooks to manage this table. The next phase focuses on creating a user-friendly administrative interface. A robust admin […]

Read more »

Editing SEO metadata in WordPress with Yoast plugin

Basic On-Site SEO Optimizations for WordPress Template Sites

Building a WordPress website with a premade template gives you a head start on design, but it doesn’t automatically guarantee search engine optimization (SEO). WordPress is indeed SEO-friendly out of the box – it’s built with clean, semantic code that helps search engines index your content. However, leveraging a template means you still need to […]

Read more »

blank

Building a WordPress Plugin: A Step-by-Step Guide

This series of articles may be a great starting point in your journey into plugin development. Whether you’re a complete beginner or someone looking to refine your skills, this guide aims to simplify the process and provide you with hands-on experience. We’re going to build something practical and meaningful: a Quick Note Manager. This project […]

Read more »

blank

Optimizing and Extending the Livewire Product Filter – Part 4

Welcome to the fourth and final part of our Livewire series! Now that we’ve built the basic product filtering system and added functional filters, we’ll optimize the product filter for performance and usability. We’ll add features like pagination, loading indicators, and animations to create a polished, user-friendly experience. Part 3: Enhancing the Livewire Product Filter: […]

Read more »

blank

Enhancing the Livewire Product Filter: Advanced Features – Part 3

Welcome to the third part of our Livewire series! In this article, we’ll add advanced filtering features to the product filter system, including price range filters, responsive design improvements, and enhanced interactivity with real-time updates. By the end of this tutorial, your product filter will be even more dynamic and user-friendly. Part 2: Building the […]

Read more »

blank

Building the Core of a Livewire Product Filter – Part 2

Welcome to the second part of our Livewire series! In this article, we’ll focus on creating the route to display our Livewire component, implementing an app-wide layout, building a functional product filtering system, and implementing basic filtering logic. By the end of this tutorial, you’ll have a working product display system with real-time filter updates, […]

Read more »

blank

Building a Real-Time Product Filtering System with Livewire in Laravel – Part 1

Welcome to this comprehensive guide on using Livewire to build a real-time product filtering system in Laravel. Whether you’re new to Livewire or looking to refine your skills, this guide will walk you through the setup process and introduce the foundational concepts for creating a powerful, dynamic product filtering experience. What We’ll Build Together Filtering […]

Read more »

blank

How to Optimize WordPress Database Performance for Faster Sites

When it comes to WordPress site performance, the database plays a crucial role. A well-optimized database can significantly reduce page load times, improve the user experience, and decrease server load. This translates to faster responses, smoother browsing, and better reliability for your website, making it more attractive to visitors and search engines alike. In this […]

Read more »

blank

How to Implement Role-Based Content Restrictions in WordPress Without Plugins

Managing access to content on your WordPress site can become essential as your user base grows. Whether you run a membership site, offer premium content, or manage a community with multiple roles, role-based content restrictions allow you to control who can view specific areas of your site. This guide will teach you how to implement […]

Read more »

blank

How to Create a ‘Services’ Custom Post Type with Meta Boxes in WordPress

Custom post types allow WordPress developers to extend the functionality of their website beyond standard posts and pages. By adding a ‘Services’ custom post type, you can display your business offerings in a more organized and customizable way. Moreover, by adding custom meta boxes, you can include additional details about each service, such as pricing, […]

Read more »

Leave a Comment

Your email address will not be published. Required fields are marked *

Chat on WhatsApp Chat on WhatsApp To top