<?php
/**
* Plugin Name: Profile WordPress.org
* Plugin URI: https://close.technology
* Description: Shows your WordPress.org Profile.
* Version: 1.0.0
* Author: David Perez
* Author URI: https://close.technology
* Text Domain: wporg-profile
* Domain Path: /languages
* License: GPL-2.0+
* License URI: http://www.gnu.org/licenses/gpl-2.0.txt
*
* @package WordPress
* @author David Perez
* @copyright 2023 Closemarketing
* @license GPL-2.0+
*
* @wordpress-plugin
*
* Prefix: wporg-profile
*/
defined( 'ABSPATH' ) || die( 'No script kiddies please!' );
define( 'PROFWP_VERSION', '1.0.0' );
define( 'PROFWP_PLUGIN', __FILE__ );
define( 'PROFWP_PLUGIN_URL', plugin_dir_url( __FILE__ ) );
define( 'PROFWP_PLUGIN_PATH', plugin_dir_path( __FILE__ ) );
define( 'PROFWP_API_BASE', 'https://wordpress.org/wp-json/wporg/v1/users/' );
add_action( 'plugins_loaded', 'profwp_plugin_init' );
/**
* Load localization files
*
* @return void
*/
function profwp_plugin_init() {
load_plugin_textdomain( 'wporg-profile', false, dirname( plugin_basename( __FILE__ ) ) . '/languages' );
}
add_shortcode( 'wp_profile', 'show_widget_profile' );
function show_widget_profile( $atts ) {
$atts = shortcode_atts(
array(
'user' => 'davidperez',
),
$atts
);
$response = wp_remote_get( PROFWP_API_BASE . $atts['user'] . '/' );
$html = '';
if ( isset( $response['response']['code'] ) && 200 === $response['response']['code'] ) {
$body = wp_remote_retrieve_body( $response );
$profile = json_decode( $body, true );
$html .= '<style>
.wporg-profile {
display: flex;
flex-direction: column;
align-items: center;
max-width: 300px;
}
</style>';
$html .= '<div class="wporg-profile">';
if ( ! empty( $profile['avatar_urls'] ) && isset( $profile['avatar_urls']['96'] ) && isset( $profile['name'] ) ) {
$html .= '<div class="wporg-profile-avatar">';
$html .= '<img src="' . esc_url( $profile['avatar_urls']['96'] ) . '" alt="' . esc_html( $profile['name'] ) . '">';
$html .= '</div>';
}
if ( ! empty( $profile['name'] ) ) {
$html .= '<div class="wporg-profile-name">';
$html .= '<a href="' . esc_url( $profile['link'] ) . '">' . esc_html( $profile['name'] ) . '</a>';
$html .= '</div>';
}
if ( ! empty( $profile['description'] ) ) {
$html .= '<div class="wporg-profile-description">';
$html .= '<p>' . esc_html( $profile['description'] ) . '</p>';
$html .= '</div>';
}
$html .= '</div>';
return $html;
}
return $html;
}
Video Transcript
Here’s the translation of the text to English:
Hello, this is David Pérez, so you get to know him.
He comes from the community of Granada and he’s basically a genius, I mean, there’s no need to introduce him or say anything else, really.
He’s a genius, a round of applause, right?
(Applause) Well, let’s start a workshop.
I want it to be very practical, for those who know me, I like very practical things, even if it’s just a few tips, and take advantage of it, ask questions, stop me, interrupt me, everything, so we can establish some concepts, which are very simple, and because it’s increasingly necessary to have our WordPress connected to different systems, ERPs, CRMs, backends, things to advance. I am a clear advocate of WordPress; I make all the web pages in WordPress, 100%, but when I have to work with development environments, administration, and such, I don’t use WordPress because WordPress is not designed for making, for example, a production backend, I mean, for example, managing a workshop or a factory, WordPress is not designed for that. It is designed to be the visible part of that company that needs some information from that application, for which there is the API, which is what we are going to teach. So, each one in their field, WordPress is our best companion for police matters.
Well, let me introduce myself quickly.
I am the co-founder of the agency Closemarketing, which also has a technological branch, Closetechnology, where we also send plugins and do a bit of everything with WordPress.
I am the CTO, so I handle the technical part of the company and always try to keep my team ahead of the new technological challenges, every year there are always new things. I am also very involved in the community; I was a leader at the World Cup in Granada, I am organizing the World Cup in Europe which is very cool this year in Athens, I encourage you to go from June 9 to 13, and it’s like this but multiplied by 10. Any World Cup, so last year we went to Porto and this year we are going to Athens, it’s very good. In my free time, I am the director of a sports race I organized for my father, I also get involved in collaborative projects, raising funds for a non-profit organization. I also got involved in Mita, and in the Work and Granada this year, so I encourage you to go on October 2 and 3. You can find me on Twitter at @davisperospcmk, I also joined Mastodon, and on my personal website you have everything, okay?
In fact, you have the slide there, okay?
Well, let’s talk a little bit about what an API is.
What is an API?
An API is a way to connect, well, it stands for Application Programming Interface and it is a set of rules and protocols for interacting with systems that you don’t know what’s inside.
You don’t know how it’s made, nor do you care, what interests you is to connect, retrieve information, read, write, you can also write, update information, and from there you use the rules and protocols defined by the system you connect to.
If we connect, say, to a CRM, I have to see the documentation, see how I can connect, what I can interact with and do.
We do this interaction.
Normally, not always, but usually, it’s done through a structured format.
The best is JSON.
JSON is a language that is well-structured for variables and is very easy to work with in WordPress because we have a function called “UVP JSON Encode” and when we get JSON, we can.
“UVP” or JSON Decode, there are functions that allow you to encode and decode it, and there’s also XML, which is older.
When we encounter XML, we’re saying “Wow, I’ve found an older system.” PHP doesn’t handle it as well, it’s more cumbersome.
In the API, they usually work with that.
There is a type of authentication because we are dealing with sensitive data and usually, there are various types of authentication.
The ideal is to have authentication.
When it’s a public system, like the practice we’re going to do, no authentication is needed, so it’s perfect, we directly read the URL and go.
APIs have become very popular due to mobile applications, and thanks to mobile applications, we find many applications that have APIs because to have a mobile application, now not only because you can even program the application with the same language as the mobile application, well, but usually it is different programming. When you make a mobile application, the mobile app asks the application “Hey, let me interact and read with the users.” So, what usually happens, what is most common, is to make an API, give it to the mobile team, and the mobile app interacts with the application, for example, I don’t know, an ERP, a CRM, they have mobile applications today, they all do it through APIs. Another very well-known example of APIs is WordPress itself, which has many APIs, and it became much more popular with the new editor.
The Gutenberg editor, those who know, the new editor that WordPress has works with React, which is a programming environment, and to connect, even being in the same administrator, to connect to WordPress and retrieve data from the content, it does it through APIs. Thanks to that, the WordPress API also required the PHP people who are used to more backend work to create all the programming to interact the editor with the WordPress database. When I have many projects with APIs, the first thing I tell the application I want to connect to is “Please give me documentation, otherwise I can’t connect, how can I connect, what authentication do I have to use, what data can I read, what can I write, everything.” And there you find, well, the bigger ones send you a PDF, others send you the summary, the summary is very good because it allows you to even interact without having programmed anything with the API itself.
So, it’s very good because you put in the authentication that the API requests and you can interact.
So, well, here I was giving some examples of things I like.
So, for example, Holder, I don’t know if you know it.
Do you know some Holders?
Well, Holder is a very well-known ERP because.
Oh no, this is my developer one.
javascript, perfect, I was missing an “s” and almost all of them if you notice are almost the same, I’m going to show you two that have nothing to do with each other and you will see that they have developers.
javascript. You see they are similar, they look alike, they have more or less the structure, and this is Postman, which I will now tell you a little about the applications to erase the API, they give you the free part for those of us who develop and the documentation environment part they give you with Postman.
So here, for example, with Holders, we see all the entities, how we can connect the dedications, like all the entities, you can connect with contacts, products.
It’s an ERP, you can generate products, warehouses, taxes, treasury accounting, here I mount payments, documents, here with this, you can generate an invoice through API, I can generate an invoice in the official ERP, I can retrieve the PDF and send it to the clients.
Depending on the application, then well, here for example it says welcome to the API, I say perfect, let’s go to the next thing, the API, now I’m going to tell you a bit about the types of authentication, well this is the URL you have to work with, well this is to get the authentication and from here we start working, well look, if you want to list contacts you have to use the Get method, now I will explain what it is with this URL, even here it comes if you put an API key you can try it, it even allows you to generate the code, even here you have to get it with PHP, which now I will say don’t use this, let’s use what Warp gives that is very very good and much simpler.
Here it tells you to install a library and from there take a class and make a get method, that is no longer necessary in Warp, now I will explain why.
Well, we can create a contact, here you can do everything.
So, the documentation is very important.
Before being able to connect it, give me your documentation.
Usually, the software, almost all of them have an API, I can’t think of one that doesn’t, and they all also have a developer section.
For example, Spotify for example, can I interact with Spotify?
Yes, perfectly, if we put Spotify, developer, here it has a developer part, almost always the term developer is used, developers and here it tells you so you can interact with Spotify.
In general, cloud software has an API almost always.
In fact, I tell clients when they are going to hire me for a tool of any kind, I say if later we are going to use it for the web, it must have an API, it is the requirement that works for you but that has an API because the API then allows you to interact with it, there are software that have become obsolete and are not in the cloud or if they are in the cloud and have not done it, you may find surprises.
There are tools that send me a CSV in an FTP folder, that’s a disaster because you have to read CSV, not always read, a disaster.
So the best is to have an API that you can interact with.
When you also need to interact with that system, always ask for the documentation, the documentation, how can I authenticate, how can I interact.
And once we have that authentication, we have to do tests before starting to
program.
We have to see the entity, what kind of information it provides, how I can process it and all this.
So, there are many API reading clients.
Before continuing a bit, I want to know a bit, who are the developers here, have you ever programmed?
Are you all developers?
Not here?
Here more or less.
Perfect.
And do you have the local development environment?
Do you know how to work with local development?
Perfect.
Well, within the local environment, you can install an application called Postman, which I use, it’s free, you download it, and even if you use Visual Code, the Visual editor, it also has extensions like ResClient, there was another one called Octopus, there are a lot, so really use whichever you prefer, which is more comfortable, try it and since they are Visual Code extensions, for example, that you can delete, no problem.
I started with Postman and I stuck with it because I have everything there, now you will see my Postman folder, which is huge, transferring all that information to reprogram it because it’s integrated is not worth it.
I work with Postman, it has a simple interface, here we have what are like folders, here as you see I have quite a few integrations done and here I have one called WordPress, I can even have another WordPress and interact with the same WordPress and here I have an example where I put the URL, now we will see what it means.
And with the authentication, because of course, I can’t read products, it depends on how you have configured WordPress, but I do a send here and simulate a real-time API request and it is giving me real information.
Here as you see I have VoIP software, a bit of everything.
So I can interact and retrieve this information.
Here for example it is giving me a request, I made of products and since I didn’t specify anything it gives me all the products and here it will show the largest.
You also have to work on pagination, usually, the API doesn’t send you the entire database of pages, so you make a recurrent and do the pagination.
Here as you see it gives me an ID, 1904 with a date, here you are already seeing in this interface how it gives you the date and I would start the manipulation.
I like to store the date numerically but if they give it to me like this, I normally process it and pass it to SDRTutime, I say pass it to me numerically and I can work on it.
Here it tells you when the modification was, the SLU, this is an entry of a product from Clos Technology.
Here it even shows me the link, the content, notice here the content is included, it gives it to us rendered, which says rendered, and well even escaped, if you see here the quotes are called escaped, that when we decode it, for PHP, JSON cannot be worked because it is a string, so what we do is convert this JSON to an array and with the array, we can do a recurrent, work on it and take the entities.
But well, you are already seeing here how it is structured and here you see there are two levels.
I would have to do the array and the std and then take this, this would convert it to a double-level array, so I take this and this to get this information.
So here I am seeing the levels of JSON as well.
So normally when you take an API, first see the documentation, put it in Postman and start to see the documentation and do a simulation.
Make a request, put in the authentication and send it.
Now let’s see that there are different types of requests.
These are the requests that the API can make and here the GET is to retrieve, give me the products the store has.
So if I have a mobile application that wants to connect to my store, I would make this request to retrieve the products and show them to the client.
Obviously, if it is an online store and I have the mobile app, it might not be of interest to show all the content with the featured image which will also be here, sometimes called “featured”, look, “featured media” and it gives it to me by ID.
Here, for example, we are seeing that I would have to make a second API request with the image ID to retrieve that image, okay, and by taking the image surely I think if I remember correctly from memory it gives me the different cuts I have defined in WordPress so with those cuts I will take and in WordPress, I will say I will make a cut for mobile and I take it by API and show it, okay, so in the end with Postman, which is what I use, I interact, I see, I configure, even here it gives you a code, okay, all the tools come with the code but as I say it is not useful in the sense that here for example it gives a curl and if I put it is that as I never use it now here, well, I can say give me PHP, PHP concur, look at everything it sends me.
Well, this in WordPress is three lines, if you save all this which is native PHP, it works in native PHP but if you send the plugin to WordPress you will see they won’t accept it, you have to use native requests. So, I have documentation, a client to interact with, and retrieve information, I see how the information comes and I work on it.
These tools are fundamental to see what the API gives before doing any programming.
Many times they give you documentation, it is not updated and before starting to program you have to test it.
test and say “Wow, it didn’t work. Hey, look, the authentication you said doesn’t work, doesn’t serve me,” and start talking to the provider and you get it.
Okay, types of requests I have in API, as we have seen they are protocols and now I can make several requests I have five in total but they are not, that is, not all APIs have all, the usual is the GET and the POST, the normal ones sometimes only have the get, the get is like the fundamental one if it doesn’t have API because it is the reading and then here we have a series of requests that the names more or less are descriptive get retrieves information, read, so I make get requests to read information as you have seen by a store, read the products, the featured images, all requests Put, what is Put?
It is to update.
If I retrieve one.
if I do the store mobile application example again.
I do a get of products and I have put an administrator here to be able to change the product information and I already have an ID, right?
The Put with an ID normally updates the information.
The one I change, I will change the title, I will save it.
What it does is, it makes a Put request with an ID, normally all that is in the documentation and I put the information I want to update. Why do I say this is not entirely usual?
because normally many times it is done with post, post is sending, it is like creating a new contact, for example in the ERP example I can create a contact with a post but many times also if I give it an id in that request it acts as if it were a put, so it already depends on the documentation we will find if it has post and get or also put, to be more strict it is better put because that way it is telling you this is an update, you are like forcing it, so if you don’t put an id on the put it will give you an error, instead if you don’t put an id on post it will create a new one, a new entity, whatever it is, a contact, a product, etc.
So, I say it depends on the API, how they have programmed it, the more exacting and so on, they usually put a put request, to update the contact.
More things, the POST, so I create contacts, I update, depends on the API, then the DELETE, which I use very little, I don’t like to delete data from an external application unless it is a project necessity because you can have a forage and make a mistake and start sending.
Normally the delete if you give it an ID like the put, it deletes the entity you tell it.
Normally you will have to specify the entity you want to modify, for example, a contact and an ID.
So you tell it those two things and it deletes the entity in the application.
And patch is also, depending on the requests, the update.
So we have seen the function, as you see, which is quite comprehensive.
This is from a CRM called Clientify, and here we are asking for a GET of all this information.
And here I even have the update, a touch, okay.
Don’t look at it because it doesn’t exist, it is not real.
So I am making a GET request of this touch, and then what happens.
that it will give me here a result, response, that I will be able to work on, okay.
So, okay, as you see, it generates that code, postman, rest client or any, doesn’t meet WordPress Coding Standard, I don’t know if you know what WordPress Coding Standard is, here they say yes, nod, no, yes, yes okay, WordPress Coding Standard what it means, is a syntax that defines us, well, a compendium of rules that very good people have defined and thus tells us to have the same style when programming.
Why?
For several reasons, for security, to read someone else’s code and be able to read it normally and all these rules you can install.
I encourage you to invest a little more in my blog or as I document how I do it and put it in my blog.
If you look for Coding Standard I tell you how I install it on my computer.
I put it in
the editor and it tells me as if it were a spell checker that you change the definitions.
So it defines this for me and when I put the CURL it says no, it is not allowed to use CURL rules to interact with the API from WordPress.
If you put it and continue, nothing happens, but if you send the plugin to the official WordPress repository they will reject it, well they won’t reject it, they respond, they give you a series of rules that don’t define the code standard and make you have to fix it, so since we haven’t done things right from the beginning and saved the work of doing it one way and then being returned, let’s work with code standard and here you will learn directly, so that’s why I said that when Postman gives me a code I don’t see it, I see the dedication, see that the API works and start programming very simply that I will show you and then in the exercise we will see so you can program it.
We have defined functions in WordPress, you have seen that we had five types of API requests but there are no functions for each one because I don’t know, honestly, but we have the following, we have “wp-remote-request” that you say well, the “request” not, I hadn’t said your API request, no, this is the generic one, that within the argument, and I will show you the argument, we can tell it what type of request, if it is “get, put, pull” or “sapatch” or “post” or “delete” or whatever you want, so the arguments are put in, so often one is enough, with the “wp-remoteRequest” so what I do is make a function, call it API and within that function put the “wp-remoteRequest” and in the function put the parameter I want to use if it is “get”, “spot” etc.
But sometimes in programming, if I simply need the “get” because it is a public app we can use, wpremote.
get which the arguments are simpler because you don’t need to put the method in this one you do, in this one no, because it is assumed to be a get and with the get, with the url it retrieves the different.
it returns the data in the same way here the arguments we will see how to make the arguments for that authentication, those headers, that body we have to make requests because sometimes they say well look send me the latest modified products how would I do it.
with the arguments I send here, reading the documentation tells me put it in the body and says modify and a date in this format so I construct it do the wp remote request wp remote get and say modify and put the date so it returns that’s more like for us for example when we often have online stores we want to sync them with an ERP system we often have to do like a cron so there I find applications that don’t have modify that’s a hassle you have to bring the whole database and go back to review actually I find that often and the modifier would be a very simple request to give me the latest modifier what happens when the application doesn’t have modify for example jose doesn’t have it which is a very well-known ERP and look I’ve sent tickets nothing he laughs because I sent tickets and no case and I say look that besides actually it gives you the product and the modifier is not well because you make changes in the product in the ERP bring it by API and let’s see the modifier from three days ago so it has nothing to do with one another, a small disaster but well except for surprise normally in the Remote Get is Modify well great for example if well if we wanted “look I want to update my online store every hour or every 15 minutes” with Modify we could do it because you put a 15-minute variable so bring the products and if it brings one or two it is quite light these requests.
Remote post the same when I want to send information the same, the url, the argument, etc.
And remote GA, I don’t use this one, I use this one normally or one of these two.
For PUT, for patch there isn’t, I mean there is wp remote and so on.
So, what we have to do.
If the API says “to update a contact, you have to use the put method”.
So I have to go to “remote request” and the argument is to say the put method.
Here, well, a lot of theory, but now we get to practice.
What argument do I usually use in those arguments.
Which is an array that asks for different arguments or I put let’s see the documentation doesn’t say much and normally here I tell you to be useful I put directly the requests I use more okay and in fact I will give that has cost me years of various updates that ask me the right array I use so having the slides you will have them, you can copy them and if you use basic authorization a username and password, well I say what I have used the most, you will try the method, if it is an array, it would be method = arrow so here we can say the type of HTTP request it is only used in this function, in wp remote remember when it asks me for methods like PUS, DELETE, etc.
Timeout, by default the function, if you don’t put Timeout it doesn’t take a default, it is 10 seconds or so it is in case the API takes a long time to respond or it is usually, the response times are also many times when we ask for a lot of data when the API doesn’t bring pagination and I say give me all the products, it sends 10.
000 products, of course it is not the same to return in pagination of 100, than to return, well they don’t bring that many but well so it depends a bit how it works you have to put more or less, I have found APIs with SSL without verifying and I have to force it, for security Word, if you don’t put anything the API always takes secure, obviously we are handling sensitive data they travel over the internet and must have SSL but well, you find surprises here, this you don’t put and that’s it, it works perfectly but if you find a surprise that doesn’t respond in the response, says there are errors you put SSL Verify and falses and it works and you put your hand on your head because you are handling data from APIC without SSL but well, there are all kinds and then we have the headers and the body the headers are usually, and now we will see several documentations, where the authorizations go I can find the authorization in the body.
I can find, but usually they are in the header, so if I make a token, usually it asks for authorization and I make a token, the same arrow and token and then the API that gives me the authorization and I usually force the content type to be JSON, I think you said, this is the one that more or less is handled because you bring it, you convert it immediately to an array and handle it.
And the body is usually when, what I said for example, I want to bring the products modified in the last hour.
Usually that type of query, or requests, are done in the body.
The usual, I say again, depends on the API.
And type of authentication.
These are the four authentications.
The one I usually find almost always, in 90% is the APIKey.
Holder has it, almost all have it.
So, they usually give you a developer section and say “Look, enter this developer section” and give you the constant, the key to interact. That’s the most common, but well, you can find everything. The one we use for WordPress, if we do something for WordPress that, let’s say, connects to another WordPress, we use the basic. I don’t know if you have noticed that since.
I don’t know, a version, I’m sure you know a lot more about the version but from a version they gave an option that within the user you had the username and password and also another called app password, or well, you haven’t noticed and that is a different password so that even if you change your user password it can continue to interact because the gd application works if you put if you change the password so you can work with either and the token beater, this is the basic username and password API key, a string sausage and the token beater is usually that you make a basic, it returns a rather long token and the following requests are made with this token that usually has an expiration depending on days or things like that. So what I always do, well, when I start the first request, I make a basic and the token mirror and then the following with the token itself, okay.
And the OAuth, which is not very common, but this is Google’s for example, right.
The typical one, you go to an authorization page, authorize it, and return it to the page.
So, you have to program, ask the application to generate that consent page, receive the consent and that consent usually returns a life token.
That you have to store in a database to work with it.
That I do, but it is the least I find.
Unless you interact with Google to do all the services, you have to work on that.
It’s a bit of a hassle because you have to program a URL and give it to Google.
I’m doing the example of Google.
you have to give it to Google to return that application and store it and return it, okay.
and then on that page which is usually the.
everything is correct.
so it works, okay.
and how is it programmed.
in WordPress, okay.
so in those arguments I was saying within the VPN Remote I usually work this, okay.
so well, I work them.
Here I put the SSL Verify, this is wrong but I put it to be in the example.
And here I am making a request with an argument, with a header saying “work with JSON” and this is an
application that tells you to give it a clean ID, a clean secret, a user and a power.
And the GrandType is Power.
Well, that’s it, I programmed the application like this.
So that’s it, I connect So they usually give me This for example, the application, now I remember what it was It gave me this, which I put in a constant Or saved it in a base, this was fixed And this the user and password I had to give it So, in these things what we usually do is a settings page And in that settings page we make two users, put your username and password here to connect your application so we save it in the database, do a getOption and cutting I ran out of time and I don’t know if I do a getOption and retrieve the user and password saved in the database and here I say don’t use SSL, this is very bad, but in this application I needed it and a timeout of 50 or a second you go testing because the requests when you do them give you the responses so you see if it has errors if it doesn’t have errors, takes long, takes short, you go testing.
Another type I use to connect with WordPress, this argument I make a header and say Authorization Basic and encode in base64 with the username password username, colon, password.
With this, you can connect to another WordPress and now we will see the rest of the code.
I have as you recall a URL and arguments and here I have my request arguments.
When it gives me an API key, these are the arguments.
I do the header here, say authorization, put a token, a token and the API key, this text you saw, I put it and put a timeout because the default one is short, I put 20 seconds and with this I am identifying with another WordPress and for example a project has been “I have a WordPress to sell and I want to connect with another WordPress that is an online store, or an online academy, so I do when the sale is made and there I launch a wp remote in a post and send the information, so create the user and do it etc, and the token vira is a bit trickier, but well in the end, it is asking for a basic one that is part of a complete function so I there not to repeat myself the drive directive that I try to follow a lot which is “don’t repeat yourself” so I don’t repeat continuously I have an API function so if I don’t send the token credentials, if they are not empty, so if they are not empty the token, use the token stored in the credential and make a vira authorization and if it is not, do the.
that’s why I have to do that function or I have results sometimes when it is a request for example to the ex product for example I have to say so I take the username password, here I do a ternary of the credentials use name and give me the empty and encode this in the body.
This API asked me to encode it in a body.
Well, I encode it and send it and then it returns a VIRS and this VIRS I use again.
Repeat and I tell you more times, this is a way to have everything grouped in a single request and what I do is execute the function twice.
Don’t worry we will see it in practice and what happens imagine we have a footer and we have I can think of for example there is for example that the server is green or not there is a pipe then you can say hey this is the green video then you give the domain and it tells you there is an API for that imagine I have it in the footer so every time a user if it is not cached, every time the user sees that page it is making an API request, API requests are usually slow, not usually fast there are faster, slower so the requests, notice I am making the user make an API request continuously on one side the API will say “you are making too many requests per second, I will block you” there are APIs that, even there is an API that is very funny, that when you make requests, I don’t know, 20 or so, after 20 it blocks you for 2 or 3 minutes.
If you are reading products, you have to check that API hasn’t blocked you for time if it has blocked you, you have to say “wait” so you can do it if you have it right in the frontend that is very slow on the page and you are asking too many times the same information you already have stored so how is this done.
well there is a very good invention of Warp called Transient what does Transient mean.
which is a way to cache information with an expiration I say save for example let’s go to another example the last modified products and if I want to show it later on the frontend several times I would work with the transient and save the arrays of ids or even the information I want the image the such so I tell the transient save it and for three hours or four hours now in the next the Transient code will come, so I will show you not only to make API requests but to save it and cache it and then show it to the user when I want so, how do you usually make an API request.
I make my function, the arguments I gave you, with an API URL and make a.
use vprimotget, here for example I made the request with get say retrieve, what it returns is a response, because if you make a printr to the response, it gives you headers, raw bodies, everything, so it has a warp function called “wpRemoteUtilityBody” and returns another, a response body and this body I can decode because it is a JSON, with JSON decode and from there I see what it gives Normally it gives a response code, says “look, the HTTP 200 request” so it returns the information and here it is and gives an array.
So from this third function, I can work with the information given by the API.
Now we will see a bit in real-time and since you have laptops, we will see a bit what to do, okay, with these three functions we return the body response, this would start working, so what I usually do normally, I make a function that connects to my API, do the arguments, do these three functions and from here the returns are return an error or return okay with all the data I needed and here I showed the transient we will see too what it does, and we use it in the profile, because we will make a plugin that will make requests to WordPress.
org and send us the profile information of our user.
So, if I put it on my website, what I said again the example, I put it on my footer, I will start making requests to WordPress.
org and there will come a time, most of the time APIs block, have a series of requests, so if you make many simultaneous.
So what you do is cache, make a request every three hours.
This is what it does, I explain.
Get Transient with a key you can make the syntax as you want, this is the syntax I use so I remember.
But here you can put Manolo, Pepito or whatever you want, it doesn’t matter so this returns the information or false, so if false in this line I would do the vprimotget, vprimotget, because we are reading and put it in this variable and save it with this key, with this information and for a time there are constants in wordpress that say hours in seconds times three, so you can put the seconds.
So, what does the transient do in practice.
I read the information from this variable, it returns it, what three hours have passed.
It makes a real API request.
So, the first to pass the three hours makes the real API request and all the rest see it with your cache so you are working with your local information which is always faster always or not the same as you give a database as you have to ask a system retrieves the information, manipulates it transients very important and for this example we will see and I give the theory it is more or less good how it goes and you haven’t interrupted, you got it all.
Let’s work if you want to take out laptops and we will see a bit what we will do.
They laugh, they laugh there.
Let’s see, for this example, I made a plugin, here I won’t.
well, we also get into detail, here we have the opportunity.
I made a plugin that will connect to WordPress and show the profile of WordPress.
A cool thing this plugin could have is to give the badges, I mean, I could for example have it on my personal website and see all the badges I have earned by interacting with the community, but it doesn’t.
Well, here is the information it gives us.
Let’s see it here, taking more time, an hour.
Hey, I’ve already spent an hour.
Okay.
I love it, I go.
Does this pass here.
oh okay because this request doesn’t have.
this WordPress request let’s see if I can get the documentation is that they gave it to me WordPress API requests are very hidden and here it is yes here it is in user notice the documentation I have from WordPress and if you enter REST API Handbook, here are all the requests.
We can even get plugin requests.
How many downloads there are, a lot of interesting things.
Well, they were removed for a time.
So here we have the endpoint.
What does endpoint mean.
Let’s see if I can explain it.
When we have an API request, 100% of the cases we have a base URL, which is for example api.
domain.
com/version because it is important because if we don’t version the API it may be that you make changes to the API and stop working applications of many users.
So it is good practice to put /v1/v2 so that the developer has time if you launch
a new version of the API to modify it.
Take care of developers, we always like to be taken care of.
At least we ask “Give us versioning” so if you launch a version 2 I have time to program it and work on it but that v1 keeps working.
They nod and find again that no.
Here it says I can use the version of the user and here says the schema, it will be a documentation like this WordPress gives and says look if it gives me the ID, the user identifier, the username, notice here this is what returns I think, here is the list user, so it says look you can make a request that is /wpv2user this is the Warp.
reg, not the Warp.
reg but well, it serves me for the example and here I can know the users of a notice that Warp does versioning, here puts v2 so if Warp made a new request, a new request v3 so we developers have time, more the v3 because surely the requests are faster, has more arguments, etc obviously a new version is made for something.
So in my example, I programmed here I have my url which is wordpress.
org/wpjson/wporgv1use.
That’s like the base URL.
In fact, I saved it here in a constant because it won’t change.
Here notice what I did Here I gave the translation and made a shortcode Here we weren’t going to put more things What I did is put a shortcode called “webprofile” This code I will leave in this for you to work on It is a single PHP file so you don’t complicate with more things I explain the code I made this would be web profile and it will execute this function with some attributes the attribute, if I remember correctly, here I have to say chiclana was user, user equal to I don’t know what I put “vp profile” and “user davis perez” which is my user so it connects the API and can execute here I put if you haven’t put any says “davis perez” and so, as this doesn’t need your application, doesn’t need query, doesn’t need anything we do a “wp remote” directly to the URL and as you see here in the comma there is no argument no header, nothing so I am saying, give me the URL with the shortcode Would be all this URL wordpress.
org/vpjson/v1user/davisperes that if we navigate to this URL that I had here it will give me the JSON, this is the JSON While it says, notice what it gives me, gives an ID, this ID I don’t know what it is, but I already have an ID here Gives me my name, which I put there, gives my URL and gives my description, the link, a Slug Gives different avatars in different formats, in 24, 48 pixels and 96 pixels gives an empty meta and here says HRF Self and a Collector, which I think is the same but well, in the documentation explains more, but here it is clear there is the URL and here is the.
this JSON is what I have to work on, this is what it gives, here it would be cool to give the badges to put here like badges and so give the badge so we could do in the plugin that would be cool to have the badges but well it has stayed in a simple plugin but well at least to take and show results so now I am working with with this request I do a remote and here return a response code and if it gives 200 retrieve the information.
Here, maybe, I should have worked an “iset” so it doesn’t give fatal error.
The arrays that don’t have a key here I am correcting myself Here it says if this variable is defined and it is 200 keep asking for information.
So in Key Profile, retrieves the body information and decodes it.
This already, the Profile is an Array, from the JSON I saw and an Array.
And let’s see now, quickly.
Here I put a style, I say, this is a peche peche, it is wrong because the style should be enqueued and all these stories, but for the example I didn’t want to get into more files and more queues.
So I put a style here hardcoded, this should not be done, but I did it to be seen.
And start working with this profile variable that comes from the API and start doing.
Important to work with “iset”, important, otherwise you show fatal error in your code.
A very typical is, “iset”, if that array is defined and has value, it is simple, you can do quickly with “empty”.
“Empty” is an “iset” inside, so if it is not defined it gives a false, passes to the next so what I say is if not empty the url to avatar we saw in the JSON show the avatar and here I use 96 and here the same if not empty the profile name so I am showing the information and displaying it and here I took the url well here also I should say if this is defined so here for example, well, sorry, and set, well, all the keys I have to verify they exist, otherwise it gives, if for whatever reason, not the case, but you can’t depend on the API giving you information or not, so better, hey, since I am touching this array, let’s verify it is defined and then execute.
So I do an echo and a tar.
Here as it is a shortcode what I do is a return HTML.
So this is simple, the avatar, the name and description.
Let’s see the result.
Here I didn’t work the transient and let’s make a transient to not crush the API, so I think here it is, activate the plugin error activate and what it says is a shortcode so it should look at it took my avatar photo, took Davis Perez even with the link and the description.
This page, imagine I have it my Davis Perez Gar page, because I want to show my WordPress profile, etc, and start putting it.
So start making requests, what I want is to cache this, so it doesn’t make requests to the API.
So, how would I do it.
With the transient, as we saw.
Here I have a trick trick that is.
notice I make a remote that is, well.
so what I would do is make a before making the API request cache with the transient and see it has an expiration and show it, okay.
and if not make a remote that is, well.
so here wp back, I have here a.
so I say, WPOR and the variable, sorry, WPORG, the variable user, “wpUser” so, the “transient” I would say “getTransient” see.
it seems to see little, right.
you haven’t complained, huh.
you are silent, I don’t know if I am boring you are you scared.
they are scared, yes I make a “getTransient” of this variable that I saved in my database and if it doesn’t exist or gives me false because the false is provoked if expired makes this request.
So what I would do is.
here quickly.
well no.
to do it well what I should do is save the array of the profile, I mean I should cache this so what I would do is.
one of these.
here.
and one of these.
quickly, okay, so I would really save the profile, which is the array of my user with a three-hour expiration, so every three hours the first next request would make an API request and save in my cache that is “web org query user” and from here I start making checks, I do the HTML and all that.
So if if there is ever an error, would show empty.
Always take care of fatal errors and all this because we can create tragedies in websites that stop working and if maybe it is part of the content the footer doesn’t load and footers often have JavaScript, so you can break websites if you don’t work with the Isers, in the Arrays and in the Empty when we want to define value.
I don’t know, Spotify has here.
does Spotify work.
I have done in a lot of documentation.
Look, web, APIs, look.
for example, here I could show with this API my music list and show it on my website This is very interesting, now I just remembered because software usually have the bad habit of giving, well if include, for example, a travel booking application and tells you no well do an iframe on my website, but iframes don’t rank, don’t keep the SEO, so it may stop showing information to Google because the software didn’t give the information well so the API also helps SEO, because it shows those plans you can then use.
When you don’t have API documentation, can you do something like passing the WSEDS and making a request to see.
It is a jungle.
Or no way.
Yes, yes, sometimes the API itself, when you put the URL, gives like a request.
Sometimes yes.
But it is prepared the API, right.
Yes, yes.
Yes, yes.
That’s why you mean a Mero list.
Yes, method, yes, you have to be given somehow.
And if developed like this.
And for the list.
Yes, there was an API that you gave a parameter and gave the.
Has brought out an AI, which is quite produced, but.
At the end, the mic is forgotten.
(Orders) (.
.
.
) Only gives the URL.
First that the URL speaks, if not you can’t invent.
And clear, here for example, here says “require HTTP”.
I was seeing here if I found something.
This gives the code to do it through.
.
.
Here gives some options, etc.
At the end, the WarpPres ones, for example, here has.
.
.
Well, I can’t tell you, let’s try one day to test and if it let us.
If we put this base.
.
.
Look, here has the
example.
Look, I gave the base URL, the WarpPres.
org and gives, this is version 1 of the API and here has the endpoints, which are the requests it can make has by get, has methods get oh look, here it is, this is the one I used, the user Here has user, so if makes a request of www.
warp.
org/v1, here, if does this, /vuser, here will find an argument, already reading, yes, more or less understand, right.
Yes, the argument.
Paginated, happens in page of collection, which is default one.
Clear, if says a user won’t have pagination.
Per page, so can handle pagination.
This is good, because depending on the application, if maybe doing.
.
.
But this doesn’t launch all versions or.
.
.
I tell you, it is a jungle I have found software saying no no, API, what is API I give you a CSV and you manage man, let’s do the same because I, the API I can control when I want and make modified requests for example, the modified you say I’ve repeated, I could give a modified request in the last hour so it doesn’t have but a lot so what you have to do find the people so, find your way as we all do.
You bring the whole database, you manage with the inefficient because the API takes longer, you bring the whole database, manage I have done for example intermediate tables, what do I do, Holder doesn’t have the latest FICA, how have I solved.
Well, I made an intermediate personalized table in WordPress that saves the product ID and a flag 1 or 0 so put all to zero and then what I do is take all the products save them in that table and when I do the request do five or ten and go through that table and set one when I finish well, a solution yes, yes, indeed but the modified.
.
.
no, what I do is go through because if gave the modify I could save in another column that was modified so I would.
.
.
eh.
.
.
give the modified but not and that is very used, I have used a lot but find everything goes so, yes, it is the jungle Let’s see, if the client, first the client, who usually is the client uses the software so the client usually pays those tools, so says “hey look my developer says can’t interact with your API, what happens.
” usually has more pressure the one who pays, than you who are.
.
.
the one who charges, right, in front of people I have told the client send an email and I get some love Another thing that happens, when developing and writing in database You can’t do it in production, imagine doing tests, enter a product and so on And start associating in their database, because only asked for a test account After one it is group therapy.
Those with a test account are great because you connect and start writing.
Typical “I make an order and want to write in your application”.
Well, to test I have to send data.
so ask for that test account, if given, if not given, what do you do.
Make a free account, because not paying an application and if used, and usually is an expensive application, or well, depends everything.
Can make a free test account, yes, yes, calls the commercial, hey, I saw interesting our waters, and you, no, I develop, my client uses, but since no test account, well, story, I tell you.
So, these are tricks you do as you go fighting with the API so test accounts usually for.
.
.
when only reading a client says “no, no, read my.
.
.
“, you don’t need, make a guide and that’s it.
Yes, then you find, it is a jungle.
I say, my last fight was with a person who sent a CSV, I thought with a CSV what do I do, when you leave, don’t know when you leave, tune the time to leave.
(.
.
.
) Yes (.
.
.
) (.
.
.
) Yes, yes, there, group therapy, from now group therapy, tell stories, well yes, you find everything, okay best to have documentation, actually, see you have clients and say things, look I want my WordPress have information, see what uses, usually if the client already has software adapts, but if no software you say look I have this API if don’t mind, then you see a bit, also close the client, hey if the software you see to hire, has no API, strange things, also the API is a way of factusol, well no, factusol has happy now just last half in malaga told someone had to connect to factusol if has the database in the cloud, if in local no ah okay, there is a lot of creation and the mental change is what comes out yes, indeed, another comes and says look ask happy that costs no know how much and well, depends not usually a major account so what finds is mal formatted Jason or put in a stream once said because not get well the Jason and was because between quotes did a strange thing and had to format again before JSON decode had to do so, did a strange thing so in the end, yes, as a summary mode and ask more things first documentation I document, give me documentation I know what authentication has, if API perfect, because with an API enter and take, save in a database, perfect, is by token bieres, nothing, make authentication, take the bieres, can save also in a transient token bieres, see the documentation how long the token mirror.
The token mirror, what happens, calculate a time not execute, but not always execute that time the same time.
So you have to check the function the token mirror not expired to regenerate.
story you find.
I say the 80-70% of API almost always is the APIKey is the most comfortable.
Or you have to do more checks.
If the token expires make another request.
So look, at the end not have time to see the code, but I say anything, as you have my website, ask me no problem.
So use VPR Mode, let’s see if I make the summary, the documentation well documented can interact, the client has the power, the client pays has the power, so can ask for documentation, test account and write data not in the client, write when programming finished review programming, program and from there do tests, errors and finish work.
And especially use Abstrancia, when have requests always important Abstrancia.
I say, for reading this example I did of the profile, not put in production if not with a transient because if not publish in the repository and say “find will start, generates some success and make a play and known” now start, you can break a service quickly, sure they have blocking systems to keep the service available to users but gives a bad service because users “hey I give and doesn’t work” sure all those things the transient guarantees you do well your job.
Very easy, put an expiration in seconds and estimate.
I usually put, as are three hours, the first request does, not like more.
That there is information that doesn’t change much, say, well, late, put six hours, a day, no matter, put three days then the transient not serve transient is for when you follow, request but not, you say for finance, no.
there transient not serve what happens is you save or in database or a transient of that data batch (man speaking) No, no, like that.
That also is indeed.
You are there and transient not serve, for example.
Because not show expired information to the client.
To put minutes not serve.
Unless, see, can put 60 seconds a transient, no problem.
Yes, for example, not asking.
Sure, think that.
For that thinking, so not make requests always, make only the first time.
If have, to say, thousand visits, not thousand requests, of API, are thousand visits, so, a request every minute or so.
Yes, try.
Here I gave the rules, but from there, the first time use.
Give the bases, already working, okay.
(Murmurs) No, not heard, only recorded.
Not remember the time.
(Laughs) Wanted to ask how log or track the actions you do to update remotely, for example, if integrate with Holder, can make request to buy a service product, do that somehow.
Yes, in Google Comer there is a method very good, which is Vloz, inter, which.
show.
Deboog Log Add or so was.
Deboogie, look at is debugging no, this is not it.
There is a method log, not remember, worked, but for Online Stores should be okay not remember if not after not remember as will be here that I go to the code so not recorded all but that is if make an online store can use a method that has Woocommerce with the object.
do you remember Pedro.
there is an object WooCommerce has which is vc2.
not sure, speaking of memory, so log, so you enter a command and maybe the API error return and when error, you have a code for code 200 if not code 200, save the error, then save the log and in Google Comer, in status log, there would be, very easy, very good, then depending, what.
yes yes yes for Google Commer, yes, yes, sure.
Is Google Commer has two very interesting things for the API.
Has Actions Schedule, which is like a library to make background requests.
Uses Google Commer Subscriptions and all these to make requests.
Look for a Schedule, very good.
And has another is Debug.
No, can save.
I like to enter directly and save.
I like to put a warning, not authenticate, like correct me I should say,
can use no problem the CURL, well, good to see the look for code.
That can put, put a file and save error log and save another with codes that are of interest, well written.
(Applause)
Leave a Reply