WordPress Hack Night

WordPress Hack Night. 

• Date: Friday Aug 18th – 7pm in Mudgeeraba

• Cost: $10 entry to help cover pizza and beverages. 

• Entry: a moderate level of WordPress development will be required. If you’ve built a basic plugin before then it should be fine 🙂

Two teams battle it out during a two hour plugin development challenge. 

The “plugin spec” will be published one hour before start and include all requirements/sample screenshots. The workload will be spread through your team and involve PHP, JavaScript, CSS and some basic graphic tasks. Teams will continuously push their code to separate public github repos. The code will be analyzed with selenium during the event and points will be given to teams who hit milestones on time (e.g. existing elements / functional buttons on the page). The plugin will be easy enough to develop quickly.

Commit quality code often in order to win. The same basic plugin code will be provided to both teams as a starting point. We’ll also have a chassis.io config available for teams that matches the testing server. 

Commit often. Points will be capped per user so the team that has everyone contributing will have a better chance.

Event Format: 

• 7pm – welcome, network setup, ensure everyone can access local server, resources and github repo. Teams form and plan how they’ll work together. Pizza, beverages and music begins.

• 8pm – start! delegate tasks, work as a team, build plugin to spec. 

• 9pm – At the half way point we’ll take a break. While we’re on break two things will happen:

the client is going to change the plugin requirements (only slightly). Updated spec and screenshots provided.

an “external contractor” will push new code to your repos to handle these new client requirements. The code will be bad and include a number of sneaky vulnerabilities. This bad code will go live onto both teams servers.

• 9:30pm – After the break, teams have to work to identify and fix the new vulnerabilities in code without removing the new functionality. Bonus points will be given to teams who can infect their opponents WordPress installations (writing a file, reading a file, saving to options table, creating a new admin user, defacing with stored XSS). Identify, exploit and fix quickly.

• 10:30’ish – finish! Git closed. Final selenium & visual regression test based on provided screenshots. Bonus points added for pixel perfect rendering and WPCS coding standards test. 

All team members will have to be on site. If this works well then next time we can attempt allowing remote teams. 

edit: Leave a comment if you would prefer a theme build over a plugin build 🙂