PHP – My Brain BLOG

WordPress REST API Authentication

Trying to access your custom posttype through the WordPress rest-API, but want to make sure the session has the correct permissions? Well, according to the docs you could do this with Basic Authentication.
However it did not seem to work. I was trying the proof of concept with a request like this:

$url_test  = 'https://yourtestwebsite.url/wp-json/wp/v2/yourcustomposttype';
$user = 'yourapiusername';
$pass = 'yourapiuserpassword';
$auth = base64_encode($user.':'.$pass);
$ctx = stream_context_create(array('http' => array('header' => 'Authorization: Basic '.$auth)));
$data = file_get_contents($url_test, false, $ctx);

Adding yourcustomposttype to the rest api is simple, but you can not add any permissions check. So I added an extra check for the correct permission first before adding the custom endpoint, like so:

PHP8 and function list() = each()

Time to write something about PHP again. With PHP 7.2, the function each() is deprecated. The documentation says: “Warning This function has been DEPRECATED as of PHP 7.2.0. Relying on this function is highly discouraged.“.
If you ignored this warning before, in PHP8 you will now get the following error: Fatal error: Uncaught Error: Call to undefined function each() in /path/file.php:line
So, what do you do when you find this in your old code or in some library that you use, but is not being updated anymore? Stackoverflow to the rescue…

php ob_flush

How to show your script output as it is producing it. Normally everything is buffered and shown all at once, but sometimes you want to show the actual progress of the script.
This needs a few steps to get it working.

Icepay cURL 60 SSL problem

To be precise, the error is: “Unable to reach the ICEPAY payment server (60):SSL certificate problem: unable to get local issuer certificate“

The solution could be:

curl_setopt($this->ch, CURLOPT_SSL_VERIFYHOST, 0);
curl_setopt($this->ch, CURLOPT_SSL_VERIFYPEER, 0);

or, which also works in my case:

curl_setopt($this->ch, CURLOPT_SSL_VERIFYHOST, 2);
curl_setopt($this->ch, CURLOPT_SSL_VERIFYPEER, false);

Of course bypassing SSL security is never the correct option, but for a development server we all make exceptions sometimes.
Have a nice day!

PHP variables and strings

Sometimes you have to be reminded of the basics:

“How to use a dollar-sign $ in a string?”
In single quotes a dollar sign isn’t parsed as anything. Nothing is auto parsed in single quotes in php. If you use double quotes they are automatically parsed:

echo "$var"; // this will print the value of $var;
echo '$var'; // this will print $var;
echo "\$var";// this escapes the dollar sign so it will print $var;

MySQL user not connecting

Problem:
Windows Server 2016, IIS Website, Setup a MySQL server/database, setup a WordPress website, quickly connect with root and root-password. Everything works fine!

Now you want things more secured, so you add a MySQL user with a password and rights to only the wordpress database. Change wp-config.php with the new login and you get a “Error Establishing a Database Connection” when accessing the WordPress website or admin.

Change back to root and the problem is solved. How to fix this?