[wp-hackers] Accessing Update Check API Outside of WordPress

Mark Smith mark.smith1187 at yahoo.com
Sun Nov 11 16:17:21 UTC 2012

That was very helpful cloudpress. Using your method it was much easier to see what is sent and I figured out what exactly is sent for themes.

array(3) { ["current_theme"]=> string(10) "twentyeleven" ["twentyeleven"]=> array(7) { ["Name"]=> string(13) "Twenty Eleven" ["Title"]=> string(13) "Twenty Eleven" ["Version"]=> string(3) "1.3" ["Author"]=> string(18) "the WordPress team" ["Author URI"]=> string(21) "http://wordpress.org/" ["Template"]=> string(12) "twentyeleven" ["Stylesheet"]=> string(12) "twentyeleven" } ["twentyten"]=> array(7) { ["Name"]=> string(10) "Twenty Ten" ["Title"]=> string(10) "Twenty Ten" ["Version"]=> string(3) "1.4" ["Author"]=> string(18) "the WordPress team" ["Author URI"]=> string(0) "" ["Template"]=> string(9) "twentyten" ["Stylesheet"]=> string(9) "twentyten" }
Thank you so much for your help.

----- Original Message -----
From: CloudPress Hosting <cloudpresshosting at gmail.com>
To: wp-hackers at lists.automattic.com
Sent: Sunday, November 11, 2012 12:14 AM
Subject: Re: [wp-hackers] Accessing Update Check API Outside of WordPress

<shameless plug>
If anyone is interested I have decided to blog about customizations I am
making to WordPress starting with a post about this.

</shameless plug>

It was an interesting concept I just wanted to share since I kinda like the
idea of what the OP was trying to accomplish anyway hope that helped your
out Mark.

On Sat, Nov 10, 2012 at 11:26 PM, CloudPress Hosting <
cloudpresshosting at gmail.com> wrote:

> Can't say that I knew how the API worked before but with a little clever
> hacking I modified a test install of WordPress to post the request to
> requestb.in then looked at what was posted.
> The WordPress site posts a serialized string. The key is "plugins" and
> this is what the value of that post data looks like.
> O:8:"stdClass":2:{s:7:"plugins";a:2:{s:19:"akismet/akismet.php";a:11:{s:4:"Name";s:7:"Akismet";s:9:"PluginURI";s:31:"
> http://akismet.com/?return=true";s:7:"Version";s:5:"2.5.6";s:11:"Description";s:481:"Used
> by millions, Akismet is quite possibly the best way in the world to
> <strong>protect your blog from comment and trackback spam</strong>. It
> keeps your site protected from spam even while you sleep. To get started:
> 1) Click the "Activate" link to the left of this description, 2) <a href="
> http://akismet.com/get/?return=true">Sign up for an Akismet API key</a>,
> and 3) Go to your <a href="admin.php?page=akismet-key-config">Akismet
> configuration</a> page, and save your API
> key.";s:6:"Author";s:10:"Automattic";s:9:"AuthorURI";s:40:"
> http://automattic.com/wordpress-plugins/";s:10:"TextDomain";s:0:"";s:10:"DomainPath";s:0:"";s:7:"Network";b:0;s:5:"Title";s:7:"Akismet";s:10:"AuthorName";s:10:"Automattic";}s:9:"hello.php";a:11:{s:4:"Name";s:11:"Hello
> Dolly";s:9:"PluginURI";s:48:"
> http://wordpress.org/extend/plugins/hello-dolly/";s:7:"Version";s:3:"1.6";s:11:"Description";s:295:"This
> is not just a plugin, it symbolizes the hope and enthusiasm of an entire
> generation summed up in two words sung most famously by Louis Armstrong:
> Hello, Dolly. When activated you will randomly see a lyric from
> <cite>Hello, Dolly</cite> in the upper right of your admin screen on every
> page.";s:6:"Author";s:14:"Matt Mullenweg";s:9:"AuthorURI";s:13:"
> http://ma.tt/";s:10:"TextDomain";s:0:"";s:10:"DomainPath";s:0:"";s:7:"Network";b:0;s:5:"Title";s:11:"Hello
> Dolly";s:10:"AuthorName";s:14:"Matt Mullenweg";}}s:6:"active";a:0:{}}
> A bit of a mess but if you unserialize it then var_dump the resulting
> array you can more easily see what it shows. It basically has all the meta
> data for each plugin. Post that to
> http://api.wordpress.org/plugins/update-check/1.0/ using cURL and what I
> got back was an empty serialized string, meaning all plugins were up to
> date. Modify one of the version numbers in the serialized string that is
> sent to be a previous version number and what I get back is a serialized
> string of meta data on the plugin with an available update like this.
> a:1:{s:19:"akismet/akismet.php";O:8:"stdClass":5:{s:2:"id";s:2:"15";s:4:"slug";s:7:"akismet";s:11:"new_version";s:5:"2.5.6";s:3:"url";s:44:"
> http://wordpress.org/extend/plugins/akismet/";s:7:"package";s:55:"
> http://downloads.wordpress.org/plugin/akismet.2.5.6.zip";}}
> I would assume themes won't be much different.
> That was an interesting exercise though I should make a blog post about
> it. Also I have to admit I like the idea to use your own script to detect
> updates and just email you, I might consider making something similar since
> I manage multiple WordPress sites for myself and for my clients. Thanks for
> the idea.
> On Sat, Nov 10, 2012 at 10:01 PM, Mark Smith <mark.smith1187 at yahoo.com>wrote:
>> I run numerous sites. Rather than have each site use the built in update
>> check I have disabled all update checks from the site via a plugin I made.
>> Instead I am building a php based cron job that will query the
>> api.wordpress.org site to check for updates and send me an email
>> notification. Personally I prefer that to the constant nags in WordPress to
>> upgrade. While I install minor upgrades as soon as they come out often
>> times I will wait on new major version having to see a nag until I do.
>> Core updates were easy enough, a simple cURL request to
>> http://api.wordpress.org/core/version-check/1.6/ returns a serialized
>> string which includes the current stable release version.
>> $output = unserialize($output);
>> $current_version = $output['offers'][0]['current'];
>> unset($output);
>> Gets me the version number currently available which I can check against
>> my installed versions easily enough.
>> Plugins and themes are a bit more difficult because I have to post data
>> about what plugins and themes I am checking.  This is obviously not
>> documented, the only documentation is a list of the API endpoints at
>> http://codex.wordpress.org/WordPress.org_API.
>> I took a look at update.php to see how WordPress does it but
>> the myriad of WordPress functions seems to just confuse me as to what
>> exactly is being posted to the API endpoints
>> http://api.wordpress.org/plugins/update-check/1.0/ and
>> http://api.wordpress.org/themes/update-check/1.0/. Can anyone explain to
>> me what eactly needs to be posted to get the current version of each plugin
>> and theme.
>> Thanks.
>> _______________________________________________
>> wp-hackers mailing list
>> wp-hackers at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-hackers
wp-hackers mailing list
wp-hackers at lists.automattic.com

More information about the wp-hackers mailing list