Steve Grunwell

Open-source contributor, speaker, and electronics tinkerer

Page 4 of 14

Writing WooCommerce Extensions with Confidence

January 24, 2018

In WordPress

If you haven’t heard, Liquid Web is now the first company offering Managed WooCommerce hosting, which is a huge step forward in the world of WordPress-oriented e-commerce. As a result, I’ve been spending a lot of time over the last few weeks working on WooCommerce extensions that help improve the experience and performance of WooCommerce.

One of the main WooCommerce extensions I’ve been working on is WooCommerce Custom Orders Table, which takes the WooCommerce 3.x CRUD concept to its next logical point: storing order data in a custom, flat table instead of scattered throughout post meta. Mindsize worked with other members of my team at Liquid Web to build the initial version of the plugin, then I came in to fix a few bugs.

Continue reading→

Roland TD1-K(V) electric drumset

Stop the hi-hat from spinning on a Roland TD1-K(V)

December 13, 2017

In Maker

Last year, I decided to put some money towards upgrading to a Roland TD1-KV electric drumset, the entry model to their “VDrum” line. I had outgrown my old Simmons SD Xpress II kit  (a Black Friday deal from a few years ago) and was excited to get something closer to “real” drums without the volume of an acoustic kit. I was also dealing with a cracked hi-hat on the old, discontinued kit, so I figured it was time.

The drums are fantastic, but after a few sessions, one thing kept bugging me: the hi-hat — a Roland CY-5 cymbal — kept spinning as I played. Nearly half the cymbal is covered in a rubberized pad, which helps mute the sound, provides a better response, and protects the plastic underneath. When I have to adjust the cymbal half-way through a song, that doesn’t make for the best playing experience.

Continue reading→

An antique hour glass, resting on a rocky beach

Exclude Dependencies from Time Machine Backups

November 2, 2017

In Code

If you’ve used a Mac in the last decade or so, you’ve likely been prompted to configure Time Machine, macOS’ built-in automated backup solution; simply connect your backup disk (or use certain network attached storage devices) and Time Machine will automatically make incremental backups of your machine. In the event that your computer’s lost/stolen, its hard drive is corrupted, or you simply deleted that super important file, Time Machine makes it easy to restore your computer’s previously healthy state.

Where Time Machine is less convenient is in the case of developers: modern development practices often rely on dependency management tools (e.g. Composer, npm, etc.) to pull in third-party dependencies. Instead of including full copies of external libraries, developers can say “my application relies on package N at version X.Y.Z”, and the dependency manager can download the necessary code as a build step. This is great for keeping third-party assets both versioned and out of version control, but for the developer working on multiple projects it poses a bit of a problem: you end up with a ton of project dependencies on your machine!

Continue reading→

Egyptian pyramids

Deeper Testing with PHPUnit Markup Assertions

October 25, 2017

In Code

In a perfect world, every piece of software would have automated tests. As soon as we change a line, we as developers would know what, if anything, broke in our application and where we need to look to fix it. Unfortunately, we don’t live in a perfect world, so we get by doing what we can.

Still, we can look to our image of the perfect world and draw from it, molding and shaping what we do have to closer resemble what we’ve been longing for.

Continue reading→

Still from the 2003 film Lost in Translation, starring Bill Murray and Scarlet Johansson

Finding Missing Laravel Translations

October 17, 2017

In Laravel

Out of the box, Laravel ships with a simple-but-intuitive localization system: when you call trans('some.key')and Laravel will automatically replace it with the value of “key” within resources/lang/{locale}/some.php. Laravel translations also accept placeholders and can handle pluralization, making it extremely easy to build applications that are localization-ready.

Of course, building an application that’s localization-ready means the Laravel translations need to be filled out to begin with. It’s far too easy to get on a role writing several views, then miss a string or two when creating the localization files. Heck, even the comments in the Translator class within Laravel itself doesn’t seem to think much of it:

If the line doesn’t exist, we will return back the key which was requested as that will be quick to spot in the UI if language keys are wrong or missing from the application’s language files. Otherwise we can return the line.

Unfortunately, I’ve had one too many apps go live (or in front of clients for demos) with a string or two missing a translation. Finally, I decided to do something about it.

Continue reading→

A home sitting on a midwestern, prairie homestead.

Developer-specific Laravel Homestead Configurations

October 6, 2017

In Laravel

Since joining Liquid Web, I’ve gotten to revisit Laravel, my favorite application framework for PHP. I’m still doing plenty of WordPress work, of course, but when building web applications — especially those with robust APIs — building atop Laravel makes so much more sense than shoehorning it into a WordPress environment.

In their mission to make application development delightful, Taylor Otwell and the other Laravel developers (including my friend Joe Ferguson) maintain Laravel Homestead, a pre-packaged Vagrant box for Laravel development. While the environment can be installed globally, Laravel Homestead can also be installed on a per-project basis, ensuring each application has its own, dedicated virtual machine.

Continue reading→

My Laravel Tests were Failing because of my App URL

September 21, 2017

In Laravel

In my role as Senior Software Engineer at Liquid Web, I’ve gotten to get back to my roots of not only doing WordPress, which has been great. In particular, I’m getting back into Laravel, getting to build real web applications in an environment that makes testing a breeze (aside: if you haven’t checked out Adam Wathan’s Test Driven Laravel course, I cannot recommend it enough!).

I ran into an interesting problem today, however, when I updated the APP_URL variable in my .env file: running my [previously 100% green] test suite, I was getting random errors and failures within my feature tests that I hadn’t been seeing before. Controller actions weren’t responding properly, model relationships weren’t always behaving, and redirects following actions were hit-or-miss.

Continue reading→

Fjallsárlón glacial lagoon in Iceland

Six Things I Wish I Knew Before Iceland

May 27, 2017

In Travel

My wife, Kim, and I just got back from a week abroad in Iceland — our first trip out of the country together since our Jamaican honeymoon and the first trip away from our toddler for more than a long weekend.

First of all, photos cannot capture the beauty that is Iceland. The mountains, the waterfalls, and the views are things you have to see in person. From the enormous glaciers to the east to the vibrant capital of Reykjavík in the west, Iceland is every bit what the guidebooks and travel blogs make it out to be.

For our trip, we wanted to be able to take in as much of Iceland as possible without losing the freedom to move at our own pace. As a result, we opted to rent a car at the airport, drive along the southern end of the country (staying just outside of the town of Vik), see the southeast end of the glacier field, then end the trip in Reykjavík.

Now that we’re back, I wanted to share a few things that I wish I had known before heading to Iceland.

Continue reading→

Screenshot from ExploitBox's CVE-2016-10033 video

Keeping WordPress Secure

May 4, 2017

In WordPress

A few days ago, a YouTube video was passed around a few Slack teams I’m a member of showing a proof of concept of an unauthenticated remote code execution vulnerability in WordPress core (in other words, a way for people to execute arbitrary code on your server, which is obviously bad). The video, posted by Dawid Golunski of Legal Hackers, purported that the vulnerability was exploited against a clean installation of WordPress with no plugins and only the default configuration.

This morning, Dawid’s new site, ExploitBox, posted details about the vulnerability. In short, by spoofing a request’s “Host” header, it’s possible to trick WordPress into sending a password reset email with a return path pointing to a domain you control.

The author goes on to hypothesize that if an attacker were to first overload the target’s inbox with large messages (effectively filling it to the point that it couldn’t hold more messages), this would cause the mail host to “bounce” (reject) the message, returning it to the sender (the attacker). Assuming the returned email contained the body of the original message, the attacker now has the link that will allow them to change the user’s password.

Continue reading→

Today is my last day at Growella

March 28, 2017

In Career

Though it was only a few short months ago that I left my Lead Web Engineer position at 10up to join Growella as their Director of Technology, today is my last day in that position. It’s not a decision I’ve arrived at lightly, but it’s a move that I feel is necessary for my career satisfaction.

I’m extraordinarily proud of what I’ve accomplished in my few months at Growella; our small team was able to take the site from concept to release in less than two months, rolling out the “Prime” release on January 17. I pitched, built, and have been writing weekly on the Engineering @ Growella blog, a place to discuss how we approach engineering challenges at Growella. Growella’s GitHub organization has a number of open-source contributions to its name, including several WordPress plugins, a WP-CLI package, and several contributions to other open-source projects.

Continue reading→

Page 4 of 14

← Previous

Next →

Topics

Latest Posts

See all posts

Upcoming Talks

I don't currently have any upcoming talks scheduled, but please get in touch if you'd like to set something up!

See all talks

Connect

Be excellent to each other.