04 Май
Разработка программного обеспечения в 2026 году окончательно перешла в эру Vibe Coding. Сегодня создать полноценный WordPress плагин на ИИ можно за считанные минуты, если правильно управлять агентами и использовать готовые платформы для приема платежей.
В этом материале мы разберем полный цикл создания премиального продукта SEO Link Flow: от настройки Docker-окружения до интеграции системы лицензирования Freemius.
В этом материале мы разберем полный цикл создания премиального плагина SEO Link Flow: от настройки Docker-окружения до интеграции системы лицензирования Freemius.
Видеоурок: Полный процесс разработки (54 минуты)
Подготовка инфраструктуры и Docker
Для обеспечения стабильности и воспроизводимости проекта мы используем изолированную среду на базе Docker. Это позволяет избежать конфликтов версий PHP и MySQL.
Репозиторий проекта на GitHub: https://github.com/CRIK0VA/wpdocker
Основой для нашего каркаса послужил проект wpdocker, который позволяет развернуть готовую среду WordPress одной командой docker-compose up -d. Весь код плагина находится в каталоге ./plugins/seo-link-flow/.
Пошаговый план разработки
Мы разделили процесс на 4 ключевых этапа (итерации). Для каждого этапа я подготовил специальные промпты, которые вы можете использовать в Cursor, Windsurf или ChatGPT.
Подготовка:
# WordPress Development Standards & Persona
## Role
You are an Expert Senior Full-Stack WordPress Engineer. You write clean, scalable, and secure code following the official WordPress Coding Standards (WPCS).
## Development Environment
- **Base Infrastructure:** Use the [wpdocker repository](https://github.com/CRIK0VA/wpdocker) as the foundation.
- **Root Directory Strategy:** This is a monorepo. The Docker environment and the plugin development happen in one place.
- **Plugin Location:** All plugin code must be strictly contained within `./plugins/seo-link-flow/`.
## Architecture Principles
- **Pattern:** Object-Oriented Programming (OOP) with a Main Singleton class as the entry point.
- **Organization:**
- `core/`: Core logic and initialization.
- `admin/`: Admin-side logic, settings, and UI.
- `public/`: Frontend hooks and output.
- `includes/`: Helper functions and third-party integrations (including Freemius SDK).
- **Versioning:** Minimum PHP 7.4, optimized for PHP 8.2+.
- **Security:** Strict adherence to "Escape on Output, Sanitize on Input." Use `check_admin_referer` and `wp_verify_nonce` for all actions.
## Coding Style
- **Naming:** Use `snake_case` for functions/variables and `PascalCase` for Classes. All symbols must be prefixed with `SLF_` (SEO Link Flow).
- **Hooks:** Always use the most specific hooks. Maintain a clear separation between business logic and WordPress actions.
- **Documentation:** Use PHPDoc for every class and method.
## Execution Process (4 Iterations)
We will work in 4 distinct steps. **DO NOT move to the next step without my explicit confirmation.** After completing each task, wait for my feedback.
1. **Step 1: Core Architecture & Free Feature**
- Goal: Initialize plugin boilerplate and implement the basic "Related Posts" logic.
- Instructions: Refer to `./prompts/01-core-plugin.md`.
2. **Step 2: Freemius SDK Integration**
- Goal: Connect the Freemius library and set up the `is_pro()` gatekeeper.
- Instructions: Refer to `./prompts/02-freemius-sdk.md`.
3. **Step 3: Pro Feature Development**
- Goal: Implement the "Smart Context Links" engine accessible only to Pro users.
- Instructions: Refer to `./prompts/03-pro-feature.md`.
4. **Step 4: Final Security Audit & Production Ready**
- Goal: Complete code review, security hardening, and final documentation.
- Instructions: Refer to `./prompts/04-final-audit.md`.
## Final Deliverables & Documentation
At the end of Step 4, you must update the root `README.md` file to include:
- **Project Overview:** Brief description of the plugin and its features.
- **Setup Instructions:** How to run the environment via Docker (`docker-compose up -d`).
- **Build Script:** Provide a Bash command (or script) to generate a production-ready ZIP archive containing ONLY the `./plugins/seo-link-flow/` folder, excluding `.git`, `.github`, and development configs.Этап 1: Архитектура и базовая функциональность
На этом шаге мы создаем «скелет» плагина на базе ООП и реализуем бесплатную функцию автоматической перелинковки Related Posts.
### TASK
Initialize a professional-grade WordPress plugin named **"SEO Link Flow"**.
### CONTEXT
We are building a freemium SEO tool. This first iteration must establish a robust boilerplate and implement the core "Free" feature: an automated "Related Posts" block.
### ARCHITECTURAL REQUIREMENTS
1. **Entry Point:** Create `seo-link-flow.php`. Implement a Singleton class `SLF_Core` that handles plugin initialization, activation, and deactivation.
2. **Autoloading:** Implement a simple PSR-4 compliant autoloader or a structured inclusion system for classes in `core/`, `admin/`, and `public/`.
3. **Settings API:** Create a dedicated settings page under "Settings > SEO Link Flow". Use the WordPress Settings API (not a custom POST handler) to manage a toggle for the "Related Posts" feature.
### FEATURE SPECIFICATION (Free Version)
**Feature Name:** Automatic Related Content.
- **Logic:** Hook into `the_content` filter. If the feature is enabled and we are on a `single` post:
- Query the database for 3 posts that share at least one common 'category' or 'tag' with the current post.
- Exclude the current post ID from the results.
- If fewer than 3 related posts exist, backfill with the most recent posts.
- **UI:** Append a `div` with class `.slf-related-box` containing a header "Recommended Reading" and an unordered list of links.
- **Styling:** Enqueue a minimal CSS file (`public/css/slf-public.css`) with clean, modern styling (flexbox, 15px padding, subtle border).
### OUTPUT
1. Generate the complete file structure.
2. Provide the code for all classes.
3. Ensure all strings are translatable using the text domain `seo-link-flow`.
4. Follow the standards defined in `agents.md`.Этап 2: Интеграция монетизации через Freemius
Чтобы превратить плагин в бизнес, необходимо внедрить систему лицензирования. Мы используем Freemius SDK, который берет на себя платежи, обновления и управление пользователями.
### TASK
Integrate the **Freemius PHP SDK** into the "SEO Link Flow" plugin architecture.
### CONTEXT
I have manually added the Freemius SDK folder into `includes/freemius/`. Now, we need to bridge this SDK with our `SLF_Core` class to enable licensing, updates, and the "Pro" version logic.
### ARCHITECTURAL REQUIREMENTS
1. **Initialization Logic:**
- Inside `SLF_Core`, create a protected method `init_freemius()`.
- This method must be called during the plugin's early initialization (hook into `plugins_loaded` with high priority).
- Use the standard Freemius snippet for integration, but wrap it cleanly within our class structure.
2. **Freemius Configuration:**
- Use the following placeholders for the integration snippet (I will replace them with real IDs later):
- `ID`: '12345'
- `PUBLIC_KEY`: 'pk_your_public_key_here'
- `SLUG`: 'seo-link-flow'
- Ensure the `menu` configuration points to our existing settings page.
3. **Global Accessor:**
- Implement a public method `is_pro()` within the `SLF_Core` class.
- This method should return `true` if the current user has an active premium license (via `$slf_fs->is_premium()`), and `false` otherwise.
- This method will be our primary "gatekeeper" for Pro features in the next iteration.
4. **UI Branding:**
- Ensure that when Freemius is active, it correctly handles the "Account" and "Contact Us" submenus under our main "SEO Link Flow" menu.
### QUALITY STANDARDS
- **Conditional Loading:** Only initialize Freemius if the constant `WP_INSTALLING` is not defined.
- **Error Handling:** Ensure the plugin doesn't crash if the SDK folder is missing or moved.
- **Clean Code:** Avoid global variables where possible; use the Singleton instance to store the Freemius object.
### OUTPUT
1. Updated `seo-link-flow.php` (or the relevant core class file).
2. Any necessary changes to the autoloader to ensure Freemius is loaded before the rest of the plugin logic.
3. Documentation comments explaining how the `is_pro()` check works.Этап 3: Разработка Pro-функций
Реализуем «умную» анкорную перелинковку, которая будет доступна только владельцам платной лицензии. Это демонстрирует ценность Pro-версии для SEO.
### TASK
Develop and integrate the "Pro" feature: **Smart Contextual Auto-Linking**. This feature must be strictly gated behind the `is_pro()` check.
### CONTEXT
We have the core infrastructure and Freemius SDK ready. Now we need to implement a system that automatically converts specific keywords in the post content into internal links.
### FEATURE SPECIFICATION (Pro Version)
1. **Keyword Management UI:**
- Add a new tab or section in the Admin Settings named "Smart Links (Pro)".
- If `is_pro()` is false, display a professional-looking "locked" state with a call-to-action button to upgrade.
- If `is_pro()` is true, show a repeatable table where the user can define:
- **Keyword/Phrase** (e.g., "WordPress development").
- **Target URL** (e.g., "https://site.com/services/").
- Use AJAX to save these pairs to the database (options table).
2. **Auto-Linking Engine:**
- Create a new class `SLF_Link_Engine` in `core/`.
- Hook into `the_content` with a priority that runs *before* the Free "Related Posts" block.
- **Logic:**
- Check `is_pro()`. If false, abort immediately.
- Scan the post content for the defined keywords.
- Replace keywords with `<a href="...">keyword</a>`.
- **Safety & Performance:**
- Avoid replacing keywords inside existing `<a>`, `<h1>-<h6>`, or `<code>` tags.
- Limit replacements to 1 instance per keyword per post to avoid "over-optimization" and SEO penalties.
- Use `DOMDocument` or a highly optimized `preg_replace` to ensure HTML integrity.
### ARCHITECTURAL REQUIREMENTS
- **Gatekeeping:** All Pro logic must be wrapped in `if ( $slf_core->is_pro() )`.
- **Separation:** Keep the Link Engine logic in its own file to maintain a clean codebase.
- **Feedback:** Add a small admin notice for free users on the settings page, encouraging them to try the Pro features.
### OUTPUT
1. New class `SLF_Link_Engine`.
2. Updated Admin class to include the "Pro" settings UI.
3. Updated main plugin file to initialize the Link Engine.
4. Professional PHPDoc and inline comments for the complex regex/DOM logic.Этап 4: Технический аудит и безопасность
Финальный штрих — проверка кода на соответствие стандартам WordPress Coding Standards (WPCS) и аудит безопасности (XSS, SQL injections, Nonces).
### TASK
Perform a comprehensive security audit and architectural review of the entire "SEO Link Flow" plugin codebase. Ensure 100% compliance with official WordPress Coding Standards (WPCS) and Security Best Practices.
### ROLE
Act as a Senior WordPress Core Contributor and Security Auditor. Your goal is to find any potential vulnerability or violation of the WordPress Plugin Handbook.
### AUDIT REQUIREMENTS
1. **Security & Data Integrity:**
- **Sanitization:** Verify that every user input (from settings, AJAX, or POST) is sanitized using the correct function (`sanitize_text_field`, `absint`, `sanitize_url`, etc.).
- **Escaping:** Ensure every single piece of data outputted to the HTML is escaped at the point of rendering (`esc_html`, `esc_attr`, `esc_url`, `wp_kses`). No exceptions.
- **Nonces:** Check that all administrative actions and AJAX calls are protected with `wp_create_nonce` and `check_admin_referer` / `check_ajax_referer`.
- **Permissions:** Confirm that all restricted logic is wrapped in `current_user_can()` checks with appropriate capabilities (e.g., `manage_options`).
2. **WordPress Codex & Standards Compliance:**
- **Naming Conventions:** Ensure all functions, classes, and variables follow the `SLF_` prefixing rule and snake_case/PascalCase standards.
- **Global Scope:** Ensure the global namespace is not polluted. Verify that the Singleton pattern is correctly implemented without leaks.
- **Database:** Check that any database interaction (even via Options API) is efficient and follows WP best practices.
- **Hooks:** Verify that `add_action` and `add_filter` are used with the correct number of arguments and priority.
3. **Performance & Cleanliness:**
- Optimize any `WP_Query` or `preg_replace` logic for speed.
- Remove any "todo" comments, debug logs, or temporary "hacky" fixes.
- Ensure PHPDoc blocks are complete for every method, including `@param` and `@return` types.
### OUTPUT
1. **Security Report:** List any found vulnerabilities and provide the corrected code.
2. **Refactored Files:** Provide the final, "production-ready" version of all plugin files that required changes.
3. **Compliance Summary:** A brief checklist confirming that the plugin is now ready for the WordPress.org repository review process.Автоматизация сборки
Для загрузки на платформу Freemius и официальный репозиторий WordPress нам нужны разные сборки. В корне проекта в файле README.md вы найдете готовый Bash-скрипт, который автоматически упаковывает ваш плагин в чистый ZIP-архив, исключая системные файлы Docker и Git.
Заключение
Использование ИИ-агентов в связке с проверенными инструментами монетизации, такими как Freemius, открывает огромные возможности для разработчиков. Теперь фокус смещается с «как написать код» на «какую проблему пользователя решить». Ссылка на репозиторй с исходным кодом проекта — https://github.com/CRIK0VA/FreemiusPluginExample
