create post wordpress.com using rest api

vallez picture vallez · Mar 3, 2016 · Viewed 13k times · Source

I want to make php app to create post on wordpress.com using REST api.

I use this code:

<?php

$curl = curl_init( 'https://public-api.wordpress.com/oauth2/token' );
curl_setopt( $curl, CURLOPT_POST, true );
curl_setopt( $curl, CURLOPT_POSTFIELDS, array(
'client_id' => 12345,
'redirect_uri' => 'http://example.com/wp/test.php',
'client_secret' => 'L8RvNFqyzvqh25P726jl0XxSLGBOlVWDaxxxxxcxxxxxxx',
'code' => $_GET['code'], // The code fromthe previous request
'grant_type' => 'authorization_code'
) );
curl_setopt( $curl, CURLOPT_RETURNTRANSFER, 1);

$auth = curl_exec( $curl );
$secret = json_decode($auth);
$access_token = $secret->access_token;


$post = array(
'title'=>'Hello World',
'content'=>'Hello. I am a test post. I was created by
the API',
'date'=>date('YmdHis'),
'categories'=>'API','tags=tests'
);
$post = http_build_query($post);
$apicall = "https://public-api.wordpress.com/rest/v1/sites/mysite.wordpress.com/posts/new";
$ch = curl_init($apicall);
curl_setopt($ch, CURLOPT_HTTPHEADER, array
('authorization: Bearer ' . $access_token,"Content-Type: application/x-www-form-urlencoded;
charset=utf-8"));
curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, false);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
curl_setopt($ch, CURLOPT_POSTFIELDS, $post);
curl_setopt($ch, CURLOPT_VERBOSE, 1); 
$return = curl_exec($ch);
echo "<pre>";
print_r($return);
exit;

?>

but I get this error:

{"error":"unauthorized","message":"User cannot publish posts"}

Can help me?

Thanks

Answer

Prisacari Dmitrii picture Prisacari Dmitrii · Feb 20, 2018

Standard way to create posts is to use cookies and nonce.

However I found a more easy way to do it.

  1. Install Basic-Auth plugin to your wordpress.

  2. Create wordpress user with username admin and password admin (both credentials are insecure, used for demonstration purposes only)

  3. Create post using code:

    $username = 'admin';
    $password = 'admin';
    $rest_api_url = "http://my-wordpress-site.com/wp-json/wp/v2/posts";
    
    $data_string = json_encode([
        'title'    => 'My title',
        'content'  => 'My content',
        'status'   => 'publish',
    ]);
    
    $ch = curl_init();
    curl_setopt($ch, CURLOPT_URL, $rest_api_url);
    curl_setopt($ch, CURLOPT_POST, 1);
    curl_setopt($ch, CURLOPT_POSTFIELDS, $data_string);
    
    curl_setopt($ch, CURLOPT_HTTPHEADER, [
        'Content-Type: application/json',
        'Content-Length: ' . strlen($data_string),
        'Authorization: Basic ' . base64_encode($username . ':' . $password),
    ]);
    curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
    
    $result = curl_exec($ch);
    
    curl_close($ch);
    
    if ($result) {
        // ...
    } else {
        // ...
    }
    

Note that in example above version 2 of REST API is used.