Add prefixes to WordPress post types when a theme is activated

Recently, I had a real problem on my hands.

I had neglected to prefix the post type names in some of my themes, and as it turns out, so did another popular WordPress plugin. Long story short: this plugin became unusable when running my themes, and this did not make my users very happy.

It became clear that I needed to bust out some ninja moves to overcome this dilema.

The code below is the solution I drafted – maybe it will help you too. It’s a function that runs when the theme is in use, and rewrites the post type names in the database with any prefix you choose.

After the theme is activated the specified post types will be renamed to: fjarrett_acme, fjarrett_foo and fjarrett_bar.

Sadly, there is not yet a hook that will fire only when themes are activated/updated. The after_setup_theme action is a little misleading in that it fires when WordPress sets up the current theme, not when an admin activates and/or updates the current theme.

So, it’s basically firing with every load of WordPress when the theme is active. Someone first made a patch for this 3 years ago and it looks like it’s finally being revisited.

For that reason, this is by no means the most resource-friendly solution, but we are killing the script if the prefixed post type already exists – which requires an additional query – but this is crucial for two reasons:

  1. So we’re not attempting to update the database with every page load – after the original post types are given prefixes the database update will never run again.
  2. So other plugins/themes (like the one I was in conflict with) can be installed later, creating their blasphemous post type names, and we won’t attempt to rewrite them.

Hopefully this is helpful to you and your project in some way. If so, please tell me about it the comments!

How to hide your WordPress version number…completely

Did you know that your WordPress version number is visible to everyone?

As Matt Mullenweg rightly pointed out several years ago, simply hiding your WordPress version number is not enough by itself to stay protected from potential threats (you should always be keeping your WordPress installation up-to-date).

But perhaps you have a client who has specifically requested its removal or maybe you just like keeping things on the safe side, either way there are a lot of tutorials out there on how to remove it from various areas but none that I’ve found showing how to remove it from every area at the same time.

The WordPress version number appears in three areas:

1. Generator Meta Tag in the Header

<meta name="generator" content="WordPress 3.3.2" />

2. Generator Tag in RSS Feeds

<generator>http://wordpress.org/?v=3.3.2</generator>

3. Query Strings on Scripts & Styles

If a script or style does not specify a version number when enqueued, the current version of WordPress is used.

foo.js?ver=3.3.2

One Block of Code to Rule Them All

Just enter this into your functions.php file and your WordPress version will be safely hidden from the public.

However, there is one small caveat to be aware of when using this method: This function will check to see if the ver query string matches the WordPress version number, so if the version of the enqueued script happens to be the exact same as the WordPress version then its version string will be removed as well.

This will occur rarely (if ever), especially when the current WordPress version is a point release, such as 3.3.2.

The simplest way to require/include wp-load.php

If you want to use WordPress functionality in a PHP file that exists outside of your WordPress installation then you need to include wp-load.php. Perhaps you could call this “hooking into WordPress”.

Maybe you’re already using some sort of relative path method, like:

<?php include '../../../wp-load.php'; ?>

But this can create problems if directories change. You need a clean, dynamic way to get wp-load.php. So here is the simplest way to do it, with just two lines of code (place it at the very top of your file):

1
2
3
4
5
6
<?php
 
$parse_uri = explode( 'wp-content', $_SERVER['SCRIPT_FILENAME'] );
require_once( $parse_uri[0] . 'wp-load.php' );
 
?>

Short and sweet :)

Disclaimer: This is intended for experimental and development purposes only. It is not advised to redundantly load WordPress on live production environments. But, why?