Remote Bypass API – A wordpress API plugin

I was in need of a remote API to access my WordPress blog for writing, updating, deleting etc. of my posts driven by MySQL statements.

I tried to make head or tails out of the official Rest API plugin but got annoyed by too much overhead and stuff to learn. I needed a solution NOW!

So I decided to program my own server API to suite my needs.

It’s pretty easy to handle. You can use every build in WordPress function as you are used to.

Security

The server is secured by apache’s basic authentication (.htpasswd/.htaccess). Communication is encrypted by SSL (if installed). There is also a checksum to make sure that no bit of the command is lost or changed during sending.

Every generated API server on every machine is completely unique. All folders and sub folders and filenames are randomly generated. And of course all the credentials are randomly generated, too.

There is no need to remember any passwords (so you are not tempted to use simple ones). You only have to use the admin area download link to get your unique API client.

This generated small client code includes the function „call_server„. This function will send your command to the API server and wait for the result(s) coded in a handy json generated string.

Examples

require('./remote-bypass-api-client_inc.php');
print_r(json_decode(
	call_server(
	array('wpfunction'=>'get_users', 'args'=>array('role'=>'administrator'))
	)));

This will call the server. Parameters are name of function („get_users„) and an argument’s array as defined in https://codex.wordpress.org/Function_Reference/get_users.

This is the result in the brower’s source code view:

Another example, now with including a particular, needed function.

require('./remote-bypass-api-client_inc.php');
$attach_data=json_decode(call_server(
	array('wpfunction'=>'wp_generate_attachment_metadata', $attach_id, $file),
	null, // using default coder
	'wp-admin/includes/image.php' // needed for wp_generate_attachment_metadata
));

See, this plugin bypasses the WordPress function, hence the name.

DOWNLOAD

Use at your own responsibility. No guarantee, no support.

remote-bypass-api

Changelog

  • 0.6.1 (2017-03-04) (API Version 6)
    • bugfix: caching on some machines prevented generating of new API servers
  • 0.6 (2017-03-03) (API Version 6)
    • more bugfixes
    • set all the necessary include files in third parameter
  • 0.5 (2017-03-02) (API Version 5)
    • fixed: buggy catching of server path
    • suppress error messages in client
  • 0.4. (2017-02-15) (API Version 4)
    • hiding and randomizing basefolder
    • now accepting all kind of parameter arrays
  • 0.3 (2017-02-15) (API Version 3)
    • now handles pure strings as arguments as well
  • 0.2 (2017-02-11) (API Version 2)
    • checksumm check
    • Communication between client and server is crypted when ssl
  • 0.1 (2017-02-11) (API Version 1)
    • first version.

Ähnliche Beiträge: