WordPress Action Ticketing API

This plugin is the next step after my proposal for a common invite API. Here’s how I described it when requesting hosting at the plugin directory:

A common framework for registering tickets that will be acted upon later. Use it to manage challenge/response interactions to confirm email addresses, phone numbers, IM screen names, Twitter accounts, etc. Build an invite system around it, or use it as the foundation of a short URL system. It’s an extensible framework that takes cues from WordPress’ cron and admin Ajax functions.

Tickets are unique 1-32 character strings associated with actions and some stored data. Upon receiving a ticket, the matching action is executed with the stored data as an argument. After receiving the action, a plugin can destroy the ticket (as for challenge/response actions), or or leave the ticket in place for repeated use (like redirecting to longer post permalinks for a short URL resolver).

Here’s how it works:

Registering a ticket requires three things:

  • The unique string that identifies the ticket
  • A string representing the action that will be executed when the ticket is called
  • Some data that will be passed to that action when the ticket is called

And here it is in action:

$ticket = $wptix->register_ticket( 'action_name_string', $wptix->generate_md5(), array( 'data' => 'val', 'more_data' => 'another_val' ));

To actually do anything with that ticket you’ll have to also register a function associated with the action name you gave when you registered it:

add_action( 'action_name_string', 'my_function_name' );

WP Ticket Framework registers a URL base in the form of http://site.net/do/any_ticket_string, so you can call a ticket simply by visiting that URL, or you can call tickets within your code. The following demonstrates one method of handling ticket inputs as part of a larger form submission.

if( ( $ticket = $wptix->is_ticket( $_POST['phone_confirmation'] )) && $ticket->arg['user_id'] == $current_user->ID ){
 $wptix->do_ticket( $_POST['phone_confirmation'] );
}else{
 $errors->add( 'user_phone', __( "<strong>ERROR</strong>: The confirmation code is invalid." ), array( 'form-field' => 'phone_confirmation' ) );
 return;
}

Caveats:

  • Tickets don’t have any built in expiration mechanism. You can, however, include an expiration time in data saved in the ticket and act on that accordingly.
  • Tickets don’t have any built in security mechanism. If only a certain user should be allowed to call a ticket, your code needs to be aware of that and enforce it.
  • Tickets are deleted after being called, though you can suppress that by calling $wptix->clean_up_after( FALSE );.
  • Tickets can only be queried by ticket string. If your application needs to keep track of open tickets for each user (as an example) it should also make a user meta entry about it.