Summary: This QR Code Widget looks like a first try into plugin development. If you really need QR codes, get the issues in this review fixed. For now though, I'd say: don't use it.
QR Codes are either all the rage or they’re about ready to “go”, depends on who you ask, but apparently people like them so much that they want them on their blog. This QR Code Widget is actually one of many plugins on WordPress.org that helps you to show a QR code on your site, and it seems to have some solid options. It has both a widget as well as allowing you to use shortcodes to display QR codes in your posts.
This is the first bit of feedback I’d give: the name is chosen poorly. If it’s a QR Code Widget, I wouldn’t expect the shortcode functionality. I’m never too happy with a plugin page on WordPress.org that hasn’t got more than 3 lines of text on it. Plugin authors should now better than to do that, you’d think. In those 3 lines he manages to tell the important details though: what his code is based on and he mentions that there is both a shortcode and a multi widget.
The widget works in the backend, although it has quite a few features I think most people would never use. Error correction? PNG or JPG? What do I care, I just want a QR code. Also, the plugin pre-fills the widget with a link to its own site. A very annoying feature that is actually outside of the rules for WP.org.
The admin page is pretty poorly designed, or rather, not designed at all, and has a lot of features that are not really explained. As a novice who “just wants a QR code” I’m lost once again. It would be a lot better if the options that are there were explained, especially explaining why I’d want to select any of the options, and a separation was made between “needed” and “optional” settings as well as “advanced” settings.
The plugin author was, at the time of writing, active in the plugin’s WordPress.org forums responding to questions.
I won’t comment on the quality of the code the project is based on, I know too little about QR codes to say something sensible. I do know that the quality of the plugin code itself is rather poor and doesn’t adhere to WordPress API’s, some of the issues:
- If you moved your WP Content directory, the plugin would break.
- There’s a lot of whitespace being output by the plugin as well, which could cause all sorts of errors.
- The plugin throws notices when WP_DEBUG is enabled.
- It uses the request URI to generate the QR code instead of the permalink.
- It doesn’t have protection against CSRF in the admin because it doesn’t use nonces or the options API.