This repository is a complete guide and codebase for mastering custom WordPress theme and plugin development using pure PHP, following the latest WordPress coding standards, security practices, and performance optimization techniques.
WordPress powers over 40% of the web, and custom development is what sets professionals apart.
This repo is designed for developers who want to build scalable, secure, and high-performing WordPress solutions from scratch.
You’ll find:
- Custom Theme Development Structure
- Plugin Architecture and Boilerplate Code
- REST API Integration and Custom Endpoints
- WordPress Hooks (Actions & Filters) Usage
- Shortcodes, Widgets, and Custom Post Types
- Database Interaction using
$wpdb - AJAX in WordPress (Frontend ↔ Backend Communication)
- Security Best Practices (CSRF, XSS, SQL Injection Prevention)
- Deployment and Optimization Tips
📁 wp-content/
┣ 📂 themes/
┃ ┗ 📂 custom-theme/
┃ ┣ 📜 functions.php = Most important file for Wp project
┃ ┣ 📜 style.css
┃ ┣ 📜 index.php
┃ ┣ 📜 Page.php = Custom Page reading/Creating
┃ ┣ 📜 header.php
┃ ┣ 📜 footer.php
┃ ┗ 📂 template-parts/
┃ ┗ 📜 content.php
┣ 📂 plugins/
┃ ┗ 📂 custom-plugin/
┃ ┣ 📜 custom-plugin.php
┃ ┣ 📜 uninstall.php
┃ ┣ 📂 includes/
┃ ┣ 📂 assets/
┃ ┗ 📜 readme.txt
- Custom theme from scratch
- Modular plugin development pattern
- Enqueue scripts & styles properly
- REST API-based data handling
- Advanced use of WordPress hooks
- Secure form handling with nonce
- Admin dashboard menu & settings page creation
- Database CRUD operations using
$wpdb - Multi-language (WPML / Polylang) compatibility ready
- Code structured for easy maintenance and scalability
By exploring this repository, you’ll learn to:
- Build your own WordPress theme with reusable templates.
- Create custom plugins that extend WordPress functionality.
- Integrate AJAX, REST APIs, and custom database tables.
- Follow WordPress coding standards (PSR-12 + WP Guidelines).
- Secure your code against common vulnerabilities.
- Optimize performance and deploy on production servers.
| Layer | Technology |
|---|---|
| Backend | PHP (7.x+), MySQL |
| Frontend | HTML5, CSS3, JavaScript, jQuery |
| Platform | WordPress CMS |
| APIs | REST API, JSON |
| Tools | VS Code, Git, Composer |
| DevOps | AWS / cPanel / LocalWP |
- PHP 7.4+
- MySQL 5.7+
- WordPress latest version
- Local server (XAMPP / LocalWP / Laragon)
- Git installed
# Clone this repo
git clone https://github.com/Github-Saurabh0/Custom-Theme-Development-Plugins-Development-in-PhP.git
# Move into your WordPress installation
cd wp-content
# Copy the theme and plugin folders accordingly- Go to WordPress Dashboard → Appearance → Themes → Activate Custom Theme
- Go to Plugins → Installed Plugins → Activate Custom Plugin
- Always validate and sanitize user inputs (
sanitize_text_field,esc_html, etc.) - Use WordPress nonces for forms and AJAX requests
- Never expose sensitive info in public API endpoints
- Escape all outputs (
esc_url,esc_attr)
function wearl_custom_greeting() {
return "<h3>Welcome to Custom Theme Development!</h3>";
}
add_shortcode('wearl_greet', 'wearl_custom_greeting');add_action('rest_api_init', function() {
register_rest_route('wearl/v1', '/data', [
'methods' => 'GET',
'callback' => function() {
return ['status' => 'success', 'message' => 'Custom API working fine!'];
},
]);
});This feature adds two custom widget areas, Primary Sidebar and Secondary Sidebar, allowing easy widget management through the WordPress dashboard.
A stylish widget container section with a transparent glass (blur) effect for displaying dynamic widgets in the frontend.
Uses the widgets_init action hook to register custom sidebars, ensuring WordPress recognizes them and allows widget placement.
Developed by: Saurabh Kushwaha
Company: Wearl Technologies
Email: Saurabh@wearl.co.in
If you find this repo helpful:
- Star this repository
- Fork and enhance it
- Submit pull requests with improvements
Let’s make WordPress development more modular, secure, and professional!
This project is licensed under the MIT License – you’re free to use, modify, and distribute with attribution.