Though many of the concepts in this course are still relevant, overall this course does not reflect our current course standards.
Transcript from the "Introducing Ajax in WordPress" Lesson
[00:01:10] The PHP file is going to run some code and then return some code back that the AJAX request will wait for. Now you can make really simple AJAX request, like hey just go to my homepage and scrape all the data and give it to me. And then I will do something with it.
[00:01:27] But when I talk about AJAX in this context, I'm really talking about AJAX that is interacting somehow. With the WordPress backend and code so like in the AJAX example we're gonna do you click a button and it likes something and adds it to the database and then gives you back the updated value and that you could update on your site.
[00:01:43] Okay, so when I say AJAX and WordPress I don't mean [COUGH] from a purely technical level, anything that's sending out an HML HTTP request. I'm talking about specifically doing something that's gonna interact with the database or the code in WordPress that we kind of want to have protected and there's a few extra steps along the way there.
[00:02:03] So the first thing we have to do is inside of our PHP remember how we could pass in stuff through our localized script? We're going to be passing in a Nonce and URL. [COUGH] A Nonce is a number used only once and it's a unique string and WordPress will generate it for us when the page is loaded and then if we make any AJAX requests it's going to look for that exact same string back to verify.
[00:02:28] So if somebody, let's say we know the URL in WordPress, if we want to ping it and make a request from some other site on to our's. If we don't have that Nonce attached to it it will refuse it so this is one of the validation methods that WordPress uses and very helpful for us.
[00:02:46] [COUGH] Also the URL, our code that we're gonna run is in our functions.php file for themes, so where even if it's in a plugin, how do you get that URL. Do you type in site.com/wp-contents/plugins/mycontmyplugins/assetsjsteams? No, we have to root every single AJAX call in WordPress goes to a single URL.
[00:03:32] So jQuery is pretty easy for this. There's native fetch, there is Axel which will look at as well. There's a lot of different way. Hey, you could even use a straight up on HTTP request. I wouldn't recommend it but it's all possible. But you have to pass this Nonce and the URL back in a very specific ways.
[00:03:50] So that's the part I wanna show you and that's where we're gonna be copying and pasting as hey, right here in our AJAX call, we won't type out the whole thing. I'm gonna assume at this point, you've probably seen a jQuery AJAX calling your life. So it won't leave you shaking in your boots, and it's really just figuring out how to pass the Nonce and the URL.
[00:04:31] Step two, maybe it's normal, maybe it's not, depending on security methods, but not always. Three, definitely not normal, right? We don't normally build a PHP app that interjects all AJAX requests and filters and redirects them on their own, but WordPress will. And step four is completely normal, right?
[00:04:50] So steps two and four and five you have to have every time. So we're just adding in this extra hook and the passing out the Nounce. Luckily this is mostly stuff that we've done already.