[wp-hackers] WordPress.org API

DD32 wordpress at dd32.id.au
Sat Jan 19 09:41:36 GMT 2008

On Sat, 19 Jan 2008 20:07:24 +1100, Ryan McCue <ryanmccue at cubegames.net> wrote:
> Pretty easy to do that anyway. Just change the server name and do a
> var_dump(). But that's not what I'm after. I'm after what it does
> internally.

Pure guess here:

$plugins = unserialise($_POST['unsafe_data']); //(Probably some checks in here)
$updated_plugins = array();
foreach( $plugins as $plugin){
	$info = lookup_plugin($plugin['name']);
	if( $plugin['version'] < $info['version'] ) //Use version_compare() here
		$updated_plugins[ $plugin['name'] ] = $info;

if( !empty( $updated_plugins ) ){
	echo serialize($updated_plugins);

Its not all that difficult to do really, Its simply a version check. I think Matt posted awhile ago they were working on some API documentation, But didnt have any available at the time, The phpversion parameter was just for stats to find out what most users currently use(allthough i dont think they were logging that at that time), And the blogurl they were ignoring at the time.. Probably still do.

More information about the wp-hackers mailing list