Hi, I'm looking to build a simply script allowing a specific external site to update a meta value for my custom posts.
What I had in mind was something like this:
1. External site gets access to a script on my site.
2. External site post values to that script sending the custom post ID to update, and the value.
3. The script needs some kind of security token to verify the external site post process.
4. If everything is accepted, the script updates custom post meta value, returns result and stops.
How would you guys go about setting this up?
It sounds like you are looking for a <em>XML-RPC</em> solution.
WordPress already ships with it (the xmlrpc.php file in the WP root directory) so you can communicate through that to update your custom fields.
Have you looked into that?
1) Fetch data from a given post:
$result = $client->query(
where it contains information about the the <em>meta_id</em> value for a given custom field.
2) Then we update the post with a new meta value for $meta_id:
$result = $client->query(
$post_data = array(
'custom_fields' => array(
'id' => $meta_id,
'key' => 'color',
'value' => 'red'
More about the XML-RPC in the Codex [[LINK href="http://codex.wordpress.org/XML-RPC_wp"]]here[[/LINK]].
Other possibilities are for example the JSON REST API plugin.
[[LINK href="http://torquemag.io/working-meta-data-using-json-rest-api/"]]Here[[/LINK]] is an example.
Interesting. Haven't looked into that on.
I was actually thinking more of using something like GET to allow the external site to update specific posts.
Something like "example.com/update.php?postID=1212&metavalue=text&securityID=x43dsf21e12"
But back to XML-RPC, how would this look from a clients (external side) perspective?
How would they update for example <em>meta_id color => red?</em>. Does this work the same way as the "GET" example? Do they use "xmlrpc.php" directly, or do I have to create some custom script around XML-RPC?
Thanks for your response so far. Hope you can help me get a understand of the workflow of this.
I don't recommend doing updates via GET method with the security key exposed.
Is the external website a WordPress site also?
Is the meta key with underscore in front ? (those need a special attention)
Yes, I was a bit concerned about the GET method security.
The external website is not a WordPress site.
The meta key I want to update is actually built using Advanced custom fields, and is a simple text field. Nothing fancy.
Hope that makes sense. Happy for your recommendations Dbranes.
You could maybe play with this option:
since there are too many unknowns with your external setup.
Awesome Dbanes! I'll play around with this.
Thanks a lot for your help on this one. Much appreciated.