Get in Touch
Matt Matt
Developer Diaries
2 min read

One Architecture, Six Plugins

This is the post that ties everything together. Six WordPress plugins, one architecture. Shared security model, shared UX system, shared licensing infrastructure. Here’s why that matters and how it works.

The Security Model

Every AJT plugin uses the same security patterns. check_ajax_referer() on every AJAX endpoint. wp_nonce_field() on every form. current_user_can() on every admin function. sanitize_text_field() on every input. AES-256 encryption on every PII field. These aren’t guidelines — they’re non-negotiable patterns that every function in every plugin follows.

The Licensing Infrastructure

The license module is a portable, self-contained package — 14 files that can be dropped into any AJT plugin. All plugin-specific values come from ajt_license_config(), never hardcoded. The Sentinel MU-plugin is shared across all AJT plugins on a single install, monitoring each independently.

Stripe Pro uses the full License Module with sentinel, heartbeat, and file integrity checks. The other plugins use License Lite — same RSA JWT verification, lighter footprint, no sentinel. The choice depends on the plugin’s value and piracy risk.

The Database Layer

All database access goes through AJT_DB::query() with named parameters and unprefixed table names. Never raw with string concatenation. The abstraction layer handles table prefixing, parameter binding, and connection management. It’s the same API across all plugins.

The Command Bus

When Stripe Pro and License Master run on the same server (ajt.support), they communicate via local WordPress hooks — do_action( 'ajt_payments/command', ). No HTTP overhead, no authentication middleware. The command bus pattern means adding new inter-plugin communication is just another hook handler.

Why It Matters

When you build six plugins with one architecture, every new feature benefits from everything you’ve already built. The encryption layer exists once and works everywhere. The licensing module is portable. The UX patterns are consistent. Bugs fixed in one plugin’s security model are fixed in all of them because they share the same code.

This is the moat. Anyone can build one WordPress plugin. Building six that work as one system — that’s the hard part, and that’s what AJT is.

← Previous Dual Personality: Standalone-First, Glass-Enhanced