NoteToServices

Upload Media By URL WordPress Plugin

February 27, 2020 — In our great strive to learn about developing WordPress plugins, I realized I needed something and built it into a plugin I was working on for a client. However, this feature serves as a personal tool for those clients to upload their media to a CDN. In the process, I realized that an important feature from WordPress is missing. In fact, it's never actually been implemented, yet you would think otherwise. We built a WordPress plugin called Upload Media By URL or UMBU.

Uploading by URL is a feature that is missing, yet is actually present in the WordPress Media gallery only when you write a post and try to insert media. An option is available if you are not using Gutenberg. Once you click on Add Media, you will notice the ability to insert a URL. This entry is for an external URL only, meaning that when you insert that external URL into your post, it will keep the external URL.

The feature was built directly into the media library which allows you to upload multiple images via URL. After hitting submit, all of the URLs you added to the list will be processed and added to the WordPress Media library. This plugin is very simple, free, and is available in the WordPress respository. We are quite excited about this, as it is our first approved WordPress plugin.

The object of what it does was simple, allowing for you to add new images to the gallery from a URL, rather than having to either download that URL and re-upload it through your WordPress Media library. A search of the WordPress plugin repository revealed that no one has built this plugin. It does not exist. There is no plugin out there in which you can enter in the URL and it will automatically download to your website and be inserted into the media library. Thus, we are happy to have practiced with WordPress plugin development and are happy to offer this for free.

The first submission was easy and involved going to the website and uploading my plugin. Luckily, there were only 2 other pending plugins before I uploaded mine, so I submitted the plugin on Friday and received word on Monday. Our first submission was rejected, as we were learning about proper coding and guidelines for building a WordPress plugin. Fortunately, our biggest issue which was really a nonissue was ensuring that all data, especially by user input, is sanitized and escaped properly. After I made changes to the plugin, it was accepted.

I had already built another plugin for another company, but decided to submit this one first so I could understand the guidelines of proper coding for plugins, and since this plugin literally contains less than 100 lines of code. It was the easiest for the plugin reviewers to check it and approve it, providing an understanding of how I can submit future plugins, as there are plenty of plugins out there that take time to go through and approve. The main emphasis on what was wrong was Validating, Sanitizing and Escaping User Data meaning that strings and other user input could contain scripts that could easily hijack a WordPress plugin, thus using these functions are very useful in ensuring a WordPress plugin receives proper coding. The functions that help keep WordPress safe are:

• sanitize_email()
• sanitize_file_name()
• sanitize_html_class()
• sanitize_key()
• sanitize_meta()
• sanitize_mime_type()
• sanitize_option()
• sanitize_sql_orderby()
• sanitize_text_field()
• sanitize_textarea_field()
• sanitize_title()
• sanitize_title_for_query()
• sanitize_title_with_dashes()
• sanitize_user()

WordPress is a powerful tool that powers nearly 35% of all websites on the Internet, so to ensure that code is not broken and is authentic to its users, they do a great job in ensuring that most plugins work and do not contain malware or anything else that could break websites. With hundreds of thousands of plugin developers and no less than at least 10 plugin submissions per week, it can be a lot of work. Especially considering the fact that each time your plugin is returned for you to make changes, and the resubmission process, every submission is checked as if it were submitted for the first time.

So I am not deterred or upset by my first plugin rejection. It was absolutely expected, as I have never submitted a WordPress plugin in my life, and while I do take measures to secure my code, there are specific standards and procedures that must be followed when developing an actual WordPress plugin to work with the core code. Kudos to WordPress for making everything a smooth process and I hope you guys enjoy the plugins built by NoteToServices, as we are now entering a whole new vast land of possibilites.

Adding         assets/css
Adding         assets/css/popup.css
Adding         trunk/inc
Adding         trunk/inc/umbumedia.php
Adding         trunk/readme.txt
Adding         trunk/uploadmediabyurl.php
Transmitting file data ....done
Committing transaction...
Committed revision 2250385.

And we have liftoff!

Download the Upload Media By URL from the WordPress repository at https://wordpress.org/plugins/upload-media-by-url/.