Summary

EarthAsylum Consulting {eac}Doojigger is a multi functional and highly extensible WordPress plugin that eases and advances WordPress development and includes several Doolollys (extensions) providing file access, security, debugging, encryption, session management, maintenance mode, administration tools, and more.

{eac}Doojigger is not only a fully functional plugin, but more so, an architectural development platform (using shared/abstract code) enabling the effortless creation of full featured...

1. Custom Doojiggers (Plugins derived from {eac}Doojigger).

   • Create your own plugin with {eac}Doojigger as a robust, efficient, and clean foundation.

2. Custom Doolollys (Doojigger Extensions).

   • Add easy-to-code, task-oriented extensions installed or included in the "Extensions" folder of your Doojigger plugin or WordPress theme.

3. Custom Doohickeys (Doololly Plugins).

   • Load your plugin extensions (Doolollys) as their own WordPress plugins with their own installation folder.

Rather than updating or customizing themes and functions, it is often best to isolate your custom code in a plugin (Doojigger) or extension (Doololly) so that code is not lost when the theme is changed or updated. Themes should only be used and customized with code pertinent to the look and feel of your site. Any code that should be retained after changing a theme belongs in a Doojigger or Doololly. This keeps your code reusable and theme independent.

{eac}Doojigger makes purpose-driven, task-oriented, theme-independent, reliable, and efficient code easy to create and maintain.

Table of Contents

• Provided With {eac}Doojigger
• Doojiggers - Custom Derivative Plugins
• Doolollys - Custom Doojigger Extensions
• Doohickeys - Custom Doololly Plugins
• Using {eac}Doojigger
• Automatic Updates
• Contextual Help
• Advanced Mode

Provided With {eac}Doojigger

Doojiggers - Custom Derivative Plugins

Once {eac}Doojigger is installed and registered, you, the developer, can create your own plugin using the abstract classes and traits provided.

• First, create a simple plugin loader using your plugin class name (myAwesomePlugin.php). This is the primary plugin file and must contain the required WordPress headers; it will use the plugin_loader trait provided by {eac}Doojigger.
• Second, create your actual plugin class (myAwesomePlugin.class.php) that gets loaded by your plugin loader. This class extends the {eac}Doojigger abstract classes (abstract_context, abstract_frontend, abstract_backend) which include all of the management and utility code needed for a full-featured, full-functioning plugin.
• Third, upload and install your plugin.

Your plugin code need only focus on your particular requirements. The WordPress code and many utility functions have been taken care of for you.

See detailed instructions and examples (found in the Extras/Plugins/ folder).

Doolollys - Custom Doojigger Extensions

An extension is a PHP program class that adds functionality to the base plugin. Extensions can be coded for specific needs and can be as simple or complex as needed.

• First, create an extension class (myAwesomeExtension.extension.php) that extends the extension abstract class (abstract_extension).
• Second, upload your extension to the plugin's 'Extensions' folder.

Custom extensions may also be uploaded to your theme folder (preferable a child theme), in the ../eacDoojigger/Extensions folder.

See detailed instructions and examples (found in the Extras/Extensions/ folder).

Doohickeys - Custom Extension Plugins

Since uploading extensions to the plugin or theme folder risks overwriting those extensions when upgrading or re-installing the plugin or theme, it is very easy to add extensions as their own WordPress plugin. The plugin simply answers a filter from the base plugin telling it where to load additional extensions. These extensions then exist in their own plugin folder with no risk of being overwritten.

Using {eac}Doojigger

{eac}Doojigger provides many useful methods and hooks which can be accessed from your custom plugins or extensions, as well as from your theme functions or any code in WordPress.

See Using {eac}Doojigger (found in the Extras/UsingDoojigger/ folder) for details and examples,

• {eac}Doojigger PHP Reference documentation.

Automatic Updates

WordPress hosted plugins provide updating functionality automatically. Whenever a new version of a plugin is updated in the WordPress repository, update notifications are seen in your WordPress dashbord on the plugins page.

You can provide the same functionality with your externally or self hosted plugin with a few easy changes.

See Automatic Updates (found in the Extras/AutoUpdate/ folder) for more information.

Contextual Help

To complete your plugin and improve support, provide contextual help using the {eac}Doojigger interface to standard WordPress help functions.

Adding contextual help to your plugin and extension is easy using the methods built into {eac}Doojigger... and when using the proper filter, you can ensure that your help content only shows on your plugin page or extension tab.

See the Contextual Help page (found in the Extras/ContextualHelp/ folder) for complete details and examples.

Advanced Mode

Advanced Mode gives developers a method to implement options or features based on an advanced mode setting (or combination of settings). {eac}Doojigger uses a menu selection and license level to enable advanced mode, but custom derivatives may use other methods to implement advanced mode.

See Implementing and Using Advanced Mode for details.

A multisite network is a collection of sites that all share the same WordPress installation core files. They can also share plugins and themes. The individual sites in the network are virtual sites in the sense that they do not have their own directories on your server, although they do have separate directories for media uploads within the shared installation, and they do have separate tables in the database.

{eac}Doojigger is well aware of multi-site/network environments where only a network administrator may install plugins and plugins may be network-activated (enabled for all sites) or site-activated (enabled for/by individual sites within the network).

{eac}Doojigger manages installation, activation, deactivation and un-installing properly based on the type of installation and activation. For example, when an {eac}Doojigger derivative plugin is network-activated, it is activated on all sites in the network. When un-installed, it is un-installed from all sites. When installed by the network administrator but not network activated, each site administrator may properly activate or de-activate the plugin.

{eac}Doojigger also manages options and transients on network installations differently than the WordPress defaults...

{eac}Doojigger makes a distinction between network installed (i.e. a plugin installed on a multisite network) and network activated (i.e. activated on all sites in a multisite network).

The WordPress +_network_option() (e.g. get_network_option()) and +_site_option() (e.g. get_site_option()) methods are essentially the same and fallback to +_option() methods (e.g. single-site get_option()) if not installed on a multisite network. As well, +_site_transient() methods fallback to +_transient() when not on a multisite network.

WordPress does not check (nor should it) for the type of plugin activation (network wide vs. individual site).

{eac}Doojigger methods are different...

• $this->+_network_option() ($this->get_network_option()) methods only work on a multi-site installation when the plugin was network activated and do nothing (return default value) on a single-site activation.
• $this->+_site_option() methods only use network methods if the plugin was network activated on a multi-site installation, otherwise these methods fallback to +_option() (single-site) methods.
• $this->+_site_transient() methods only use network methods if the plugin was network activated or if invoked by the network administrator, otherwise these methods fallback to +_transient() (single-site) methods.

These are important differences and help make managing options and transients more effective in a network environment.

To illustrate these differences, if we run this code:

\add_option('my_test_option','my test');
\add_network_option(null,'my_test_option','my network test');

$this->add_option('my_test_option','my test');
$this->add_network_option('my_test_option','my network test');

We get this...

Add this code:

\add_site_option('my_test_option','my site test');
$this->add_site_option('my_test_option','my site test');

And we get this...

In short,

• use $this->add_option() to add an option only used for an individual site.
• use $this->add_network_option() to add an option only used when network activated on a multi-site installation.
• use $this->add_site_option() to add an option used either for a single site or network-wide (all sites) when network activated.

Network Related Methods

* use $this->is_network_enabled() to determine if the plugin is network activated. Extensions may use $this->is_network_enabled() to determine if the extension is enabled at the network level or $this->plugin->is_network_enabled() to determine if the plugin is network activated.

Using $this->switch_to_blog() and $this->restore_current_blog() over the corresponding WordPress functions ensures that options are correctly saved and loaded for the switched-from/to blogs.

{eac}Doojigger should be Network Activated on multi-site installations. Individual extensions and options may be configured on each site.

Definitions

doojigger (n)

1. Something unspecified whose name is either forgotten or not known.
2. A Wordpress Plugin built with {eac}Doojigger.

doololly (n)

1. Any nameless small object, typically some form of gadget.
2. An extension to a Doojigger plugin.

doohickey (n)

1. A thing (used in a vague way to refer to something whose name one does not know or cannot recall).
2. A plugin used to load a Doololly extension.

doodad (n)

1. Something, especially a small device or part, whose name is unknown or forgotten.
2. A helper or trait included with a Doojigger plugin.

Doojiggers and Doohickeys (plugins) have their own activation and deactivation processes whereas Doolollys (extensions) are activated or deactivated along with their parent Doojigger. Doohickeys remain active but perform no function if their parent Doojigger is deactivated.

{eac}Doojigger is the ancestrial parent of all Doojiggers, Doolollys, and Doohickeys.

See Also

Information on building with and using {eac}Doojigger

• {eac}Doojigger Derivatives
• {eac}Doojigger Extensions
• {eac}Doojigger Options & Settings
• {eac}Doojigger Automatic Updates
• {eac}Doojigger Contextual Help

{eac}Doojigger Information and Examples

• {eac}Doojigger How-To...

Doohickeys (plugins) and Doolollys (extensions) built with {eac}Doojigger

• {eac}SoftwareRegistry A full-featured Software Registration/Licensing Server built on {eac}Doojigger.

• {eac}SimpleGTM Installs and configures the Google Tag Manager (GTM) or Google Analytics (GA4) script with optional tracking events.

• {eac}SimpleSMTP An {eac}Doojigger extension to configure WordPress wp_mail and phpmailer to use your SMTP (outgoing) mail server when sending email.

• {eac}SimpleAWS An {eac}Doojigger extension to include and enable use of the Amazon Web Services (AWS) PHP Software Development Kit (SDK).

• {eac}SimpleCDN An {eac}Doojigger extension to enable the use of Content Delivery Network assets on your WordPress site, significantly decreasing your page load times and improving the user experience.

• {eac}ObjectCache A light-weight and very efficient drop-in persistent object cache that uses a fast SQLite database to cache WordPress objects.

• {eac}Readme An {eac}Doojigger extension to translate a WordPress style markdown 'readme.txt' file and provides shortcodes to access header lines, section blocks, or the entire document.

• {eac}MetaPixel An {eac}Doojigger extension to install the Facebook/Meta Pixel to enable tracking of PageView, ViewContent, AddToCart, InitiateCheckout and Purchase events.

Automatic Plugin Installation

Due to the nature of this plugin, it is NOT available from the WordPress Plugin Repository and can not be installed from the WordPress Dashboard » Plugins » Add New » Search feature.

Upload via WordPress Dashboard

Installation of this plugin can be managed from the WordPress Dashboard » Plugins » Add New page. Click the [Upload Plugin] button, then select the eacDoojigger.zip file from your computer.

See Managing Plugins -> Upload via WordPress Admin

Manual Plugin Installation

You can install the plugin manually by extracting the eacDoojigger.zip file and uploading the 'eacDoojigger' folder to the 'wp-content/plugins' folder on your WordPress server.

See Managing Plugins -> Manual Plugin Installation

Activation

On activation, custom tables and default settings/options are created. Be sure to visit the 'Settings' page to ensure proper configuration.

{eac}Doojigger should be Network Activated on multi-site installations.

Updates

Updates are managed from the WordPress Dashboard » 'Plugins' » 'Installed Plugins' page. When a new version is available, a notice is presented under this plugin. Clicking on the 'update now' link will install the update; clicking on the 'View details' will provide more information on the update from which you can click on the 'Install Update Now' button.

When updated, any custom tables and/or option changes are applied. Be sure to visit the 'Settings' page.

Deactivation

On deactivation, the plugin makes no changes to the system but will not be loaded until reactivated.

Uninstall

When uninstalled, the plugin will delete custom tables, settings, and transient data based on the options selected in the general settings. If settings have been backed up, the backup is retained and can be restored if/when re-installed. Tables are not backed up.

Is {eac}Doojigger stable and reliable?

Since version 2, {eac}Doojigger has been meticulously updated to provide not only new features and efficiencies, but many other improvements, including stability and reliability. The code base of {eac}Doojigger has been in proprietary use (and in development) over several years and on several websites. However, there is a nearly infinte number of website configurations and uses that can't possibly be tested. If you run into any issues, problems, bugs or simply change requests, I'd be more than happy to address them and to work with you.

Where can I find more information about ...

• creating a derivative plugin
• creating a custom extension
• defining and using options & settings in my plugin or extension
• providing automatic updates for my plugin
• providing contextual help for my plugin or extension
• using features of {eac}Doojigger

The {eac}Doojigger Extras (now at this Github Repository) includes examples and documentation:

• {eac}Doojigger Extras
• {eac}Doojigger Extras Documentation
• {eac}Doojigger Extras Download

Who is EarthAsylum Consulting?

EarthAsylum Consulting is a one-person consulting agency in business since 2005. I have some 30 years experience in technology and software development for a disperse range of businesses.

Currently, and for the last decade or more, my focus has been on internet-based business software & technology management.

In developing {eac}Doojigger, and other plugins based on it, I hope to maintain a small revenue stream to help keep me going.

To that end, your support is greatly appreciated. It will enable me to continue developing quality software and provide support to current and future clients (and to enjoy a cup of coffee occasionally).

It's not just a job, it's a hobby, a craft, a passion, and an art.

Learn more here...

• EarthAsylum Consulting
• Kevin Burkholder

Thank you! Kevin Burkholder

1. General settings

2. Tools settings

3. Debugging settings

4. Security settings

5. Advanced Mode Menu

6. My Awesome Plugin with My Awesome Extension

7. My Awesome Plugin Contextual Help

3.0

As of version 3.0, PHP 7 is no longer supported; {eac}Doojigger requires PHP 8.1+

Copyright © 2019-2025, EarthAsylum Consulting, All rights reserved.

This is proprietary, copyrighted software.

• Title to the Software will remain the exclusive intellectual property of EarthAsylum Consulting.

• You, the customer, are granted a non-exclusive, non-transferable, license to access, install, and use this software in accordance with the license level purchased.

• You are not permitted to share, distribute, or make available this software to any third-party.

See: EarthAsylum Consulting EULA

Version 3.1.1 – May 6, 2025

• Session extension:
  • Add wp_cache as supported session manager.
  • check for doing or did init on session_init.
  • session_init() returns bool (required).
• Include debugging filtered array in QueueMonitor (qm) output.
• Limit flush_caches() to once per minute.
• after_flush_caches filter allows return of cache name(s) flushed.
• Disable security extension for WP-cli.
• Added X-Kinsta-Edge-Incomingip to HTTP_IP_HEADERS.
• Check for string when overriding enable_option in extensions.
• Added isExtension flag (true) on registerExtension.

Version 3.1 – April 29, 2025

• Tweak admin loading actions to load before extensions.
• Added CORS override/allow by IP address or CIDR subnet.
• Improved/fixed extension loading and registration.
  • Prevent _load_textdomain_just_in_time was called incorrectly notice from WordPress.
    • All extensions - delay option registration until admin_init.
    • swRegistrationUI - delay admin links until admin_init.
    • abstract_extension - force delay of registerExtension() until admin_init.
  • Fix potential 'enabled' extension that should be 'disabled'.
  • abstract_extension - save enable_option name when registered.
• Rework plugin environment check - limit when checked (on activate, updates, or daily).
• Due to new extension (event_scheduler) and external dependencies, version set to 3.1.0.
  • Version 3.0.4 was not released.
• Added EAC_ALLOWED_WP_SCHEDULES to limit intervals shown on admin screen.
• Added allowed_schedules filter to filter out any unwanted schedules/intervals.
• security_cors: Use daily cron (if scheduled) to get host IP addresses.
• security_cors: Suppress scheme/host warning.

Version 3.0.4 – March 31, 2025

• Tested with WordPress 6.8.
• New event_scheduler (cron) extension.
  • Intervals - Manage custom intervals (aka schedules).
  • Events - Schedule WP Core or custom interval events.
  • Tasks - Add tasks (actions) to scheduled events.
• createScheduledEvents() and removeScheduledEvents() called on plugin install/update now do nothing.
• Added plugin_activated and plugin_deactivated actions.
• Session extension - wait for WP 'init' before setting cookie.
• Visitor Id - wait for WP 'init' before setting cookie.
• Removed obsolete delete_option(...) statements.
• Optimized forEachNetworkSite() method.
• Removed schedule to purge transients, WP will do it (delete_expired_transients).
• Don't flush object cache (wp_cache_flush()) when using external cache.
• Added eacDoojigger_log_info|notice|warning|error|debug|always actions.
• Debugging extension enhancements.
  • Added wp-cron debugging options.
  • Added support for Queue Monitor.
  • Combined settings to single switch option.
• explode_with_keys() now accepts array of strings to explode.

Version 3.0.3 – March 11, 2025

• Remove check for 'X-Requested-With' in ajax request (cors).
• Fix inclusion of security_ra.abstract.php.

Version 3.0.2 – February 26, 2025

• Validate risk_assessment_limit in risk_assessment().
• Check headers_sent() in access_denied().
• Use is_file() rather than file_exists() in insert_with_markers().
• Validate $_REQUEST['action'] in debugging extension.
• Make $userIni public in security extension.

Version 3.0.1 – December 14, 2024

• Settings are not registered until set_current_user action and only when isSettingsPage().
• Non-standard "advanced mode" (i.e. "professional")
  • Display "__ Level Feature" instead of hiding the feature/option.
    • If level has multiple words (i.e. "Professional Mode Only"), display level only, else display "{level} Level Feature".
  • If level starts with "-" (i.e. "-professional"), don't display.
  • Filter {classname}_advanced_mode_field to filter above display field.
• Fix wp_filter_count(), wp_action_count().

Version 3.0 – December 3, 2024

• Introducing Doojiggers, Doolollys, Doohickeys, and Doodads.
• Tested with WordPress 6.7.
• Dropped support for PHP < 8.1.
• New browser optimization options (CSS Early Hints, Asynchronous CSS, JS Early Hints, Asynchronous JS).
• New Risk Assessment security module using 3rd-party API extensions as well as internal actions and filters to assess and track security risks by IP address.
  • Implemented server-side CORS security.
    • Apply CORS rules to rest, xml, and admin-ajax.php requests.
    • Options to use referer or reverse DNS to get origin.
    • Validate local server host IP when passed as origin.
    • Origin white-list and excluded URIs.
  • New register_[fraud|threat|abuse|risk] hooks used to tag risky actions and, possibly, block access.
    • Added register_threat action to several security checks.
  • New AbuseIPDB api extension to block by IP address based on abuse score.
    • See : https://www.abuseipdb.com/user/165095
  • New FraudGuard api extension to block by IP address based on risk level.
    • See : https://www.fraudguard.io
  • New IpGeoLocation api extension to block by IP address based on threat score.
    • See : https://www.ipgeolocation.io
• New 'Content Security Assistant' (Add Script nonce, Add Style nonce, Do CSP Action).
  • Add nonce=xxx to script and style link tags.
  • New eacDoojigger_security_nonce filter gets security nonce.
  • New eacDoojigger_content_security_policy action passes security nonce to facilitate Content-Security-Policy creation.
• New ipUtil helper to check IP address against list of addresses and/or subnets (cidr).
  • New isIpInList() method using ipUtil.
• New get_output_file() to create/write a file in appropriate WP path.
  • a. where the WP debug log is stored.
  • b. in the upload folder.
  • Uses wp_filesystem for proper access.
• New access_denied() method used to block fraudulent requests.
• Move is_admin_request() and is_network_admin_request() from abstract_context to Helpers/functions.php.
• Added is_request_type() and is_php_request() to functions.php (\EarthAsylumConsulting namespace).
• Reworked admin options menu(s).
• Improved extension loader methods.
• Allow null instance in plugin_loader::getInstance().
• Added user roles to advanced mode arrays and allow array of OR'd options.
  • $this->isAdvancedMode('global','administrator')
  • $this->isAdvancedMode('global',['administrator','editor'])
• Standard methods for option, hook, table names with prefix.
  • addClassNamePrefix(), removeClassNamePrefix(), getClassNamePrefix(), hasClassNamePrefix()
• Debugging extension uses get_output_file() and changes log file name.
• New hooks trait includes all prefixed action and filter functions.
  • New has_filter_count(), has_action_count()
  • New wp_filter_count(), wp_action_count() (not prefixed).
• Added ENABLE_OPTION constant to extensions to allow override of the enable option used in an admin tab section.
• Added TAB_NAME constant to extensions to allow setting the default tab name.
• Added filters to change a settings group label or tab name.
  • $this->apply_filters('settings_group_label',$groupLabel,$optionGroup)
  • $this->apply_filters('settings_tab_name',$optionTab,$optionGroup,$isNetworkSettings)
• New getRequestURL(), getRequestParts(), getRequestHost(), getRequestPath() methods using WP request.
• New getRequestOrigin() gets origin from header or referrer or reverse DNS lookup.
• New options_settings_page_footer action after settings form before closing div.
• Use options_settings_page_footer action in swRegistrationUI.
• Suppress shutdown error for not-called parent methods.
• Check additional http headers in getVisitorIP().
• Debugging allows non-php requests with file type exclude list (using wp_get_ext_types()).
• Changed default session cookie name (play nice with caching utilities).
• Changed default visitor cookie name (play nice with caching utilities).
• Allow cookie name as array containing alternate names in get_cookie().
• Maybe serialize/unserialize cookie value in set_cookie() and get_cookie().
• varCookie() defaults to get_cookie() if only one argument (name).
• Use sanitize_key() on cookie name but check for un-sanitized name in get_cookie().
• Removed scheduleEvent() method. Not used, didn't work. Use wp_schedule_single_event().
• New color-palette.css loaded on admin pages.
• Load TextDomain on init (as per WP v6.7).

See changelog.md for more