Important changes to our API

Yep no worries. Iā€™m on my phone now but once Iā€™m back on a computer Iā€™ll help rewrite that for you. Iā€™ve also got a bunch of other snippets to share

try this. Iā€™ve re-written the above code to work with the new api.

note that $this->verify_purchase will contain different data, so if you reference that parameter from somewhere else you might want to double check youā€™re referencing it correctly (e.g. item name would be $this->verify_purchase['item']['name'] )

you also have to setup a new personal token:

// generate your personal API token from http://build.envato.com define('ENVATO_API_TOKEN','asdfasdfasdfasdfasdfasdfasdfasdf');

and the updated method:

public function rcp_form_errors( $postdata ) {
	if ( is_user_logged_in() && get_user_meta( get_current_user_id(), 'tf_key', true ) ) {
		return false;
	}
	$tf_key = isset( $_POST[ 'rcp_tf_key' ] ) ?  $_POST[ 'rcp_tf_key' ] : '';
	// sanitize purchase code to ensure they're all lowercase in our database and in the correct format.
	$tf_key = strtolower(preg_replace('#([a-z0-9]{8})-?([a-z0-9]{4})-?([a-z0-9]{4})-?([a-z0-9]{4})-?([a-z0-9]{12})#','$1-$2-$3-$4-$5',$tf_key));
	if ( $tf_key ) {
		$this->tf_key = $tf_key;
	} else {
		return rcp_errors()->add( 'no-tf-key', __( 'Please enter a valid ThemeForest Purchase Code available from your <a href="http://themeforest.net/downloads" target="_blank">ThemeForest Downloads Page</a>' ), 'register' );
	}

	global $wpdb;

	$sql = "
        SELECT user_id
        FROM $wpdb->usermeta
        WHERE meta_key = 'tf_key'
        AND meta_value = %s
    ";

	$existing = $wpdb->get_var( $wpdb->prepare( $sql, $tf_key ) );

	if ( $existing ) {
		return rcp_errors()->add( 'duplicate-tf-key', __( 'This Purchase Key is already associated with an account.' ), 'register' );
	}

	$url = sprintf(
		'https://api.envato.com/v2/market/author/sale?code=%s',
		$tf_key
	);
	$request_headers = array(
		'user-agent' => 'dtbaker WordPress',
		'timeout'    => 20,
		'sslverify'    => false,
		'Authorization' => 'Bearer ' . ENVATO_API_TOKEN,
	);
	$response = wp_remote_get( $url, $request_headers );
	$body = wp_remote_retrieve_body( $response );
	$body = json_decode( $body, true );

	if ( ! empty( $body[ 'item' ][ 'id' ] ) ) {
		// $body will look like this:
		/*$body = array(
			'amount'          => 12.10,
			'sold_at'         => '2015-09-19T22:57:07+10:00',
			'item'            => array(
				'id'                 => 123,
				'name'               => 'item name here',
				'description'        => 'lots of html code here',
				"site"               => "codecanyon.net",
				"classification"     => "wordpress/social-networking",
				"classification_url" => "http://codecanyon.net/category/wordpress/social-networking",
				"price_cents"        => 1900,
				"number_of_sales"    => 247,
				"author_username"    => "dtbaker",
				"author_url"         => "http://codecanyon.net/user/dtbaker",
				"author_image"       => "https://0.s3.envato.com/files/111547951/dtbaker-php-scripts-wordpress-themes-and-plugins.png",
				"url"                => "http://codecanyon.net/item/simple-social-inbox-facebook-twitter-google/7478754",
				"thumbnail_url"      => "https://0.s3.envato.com/files/90732550/thumb_track-link-clicks-and-send-social-messages-from-WordPress.png",
				"summary"            => "Compatible Browsers=> IE10, IE11, Firefox, Safari, Opera, Chrome, Software Version=> WordPress 4.2",
			),
			"license"         => "Regular License",
			"support_amount"  => "0.00",
			"supported_until" => "2016-03-20T13 =>57 =>07+11 =>00",
			"buyer"           => "singsingszeged"
		);*/
		$this->verify_purchase = $body;
	} else {
		return rcp_errors()->add( 'invalid-tf-key', __( 'Your ThemeForest Purchase Key is invalid.' ), 'register' );
	}
	return true;
}

Iā€™ve started putting some sample code together here:

http://dtbaker.net/envato/envato-api-php-code-samples/

Iā€™ve got some more to add (e.g. oAuth example) just gotta find time to clean it up first.

Great,

thanks a lot for all the effort! :smile:
Really appreciate it, let us know if we can show it somehow!

Thanks for the example, I already have a working prototype update system for WP themes into my framework using the new api, although it requires the user to create a token. Do you have any idea if itā€™s possible with oAuth? I canā€™t figure out how it would work since the app requires a static return url ?

Iā€™m playing with that now actually.

So far Iā€™ve got two options:

  1. use the ā€œoauth implicit flowā€ feature - this would require the user to login each time an update needs to be installed (implicit flow token only lasts an hour, no refresh option). The sytem can still detect if an update is available and just prompt the user to login with Envato to apply that update. No 3rd party database required to get this running. But a simple php oauth/redirection script would be required on my server.

  2. bounce all update requests through my own server and pass my own token back to the wordpress theme/plugin. the theme/plugin talks to my server using that token and that token is stored against an oauth session in my database. User logs in once and will receive updates for as long as needed. Requires a 3rd party oauth/redirection php script and database to store active oauth sessions/refresh codes.

Thatā€™s where Iā€™m at now, only got half way through a functional demo.

Honestly I would hold off on any custom update scripts. The new ā€œEnvato Marketā€ WordPress plugin is coming out soon and that will handle theme/plugin installations/updates externally. You will just be able to install that plugin using TGMP on theme activation and have everything handled. A few API endpoints need to be fine tuned before this is possible though, itā€™s getting close!

Hey,

Sorry to keep it here, but I tried the script and every Purchase code I try, I do get an error

" Your ThemeForest Purchase Key is invalid. "

That means, it is not validating the code for some reasonā€¦

And the most anoying thing is that I am trying here:
https://build.envato.com/register/

and I do get an infinity loader, without getting the option to register a new app, so I can use the infoā€¦

No worries I didnā€™t actually test that code, Iā€™ll do it this arvo when back on a computer :slight_smile:

Do you know if Envato is working on an api method to submit comments? I think Iā€™ve read it somewhere in the forum but I canā€™t remember where exactly.

They donā€™t have any write API endpoints yet. but I did hear itā€™s something they are working on and comments submission would be one of the first endpoints to develop. Iā€™d say it would be lower on the to-do list though

Hey @creativeisG I had the ā€˜headersā€™ array wrong in your code, hereā€™s the fix:

public function rcp_form_errors( $postdata ) {
	if ( is_user_logged_in() && get_user_meta( get_current_user_id(), 'tf_key', true ) ) {
		return false;
	}
	$tf_key = isset( $_POST[ 'rcp_tf_key' ] ) ?  $_POST[ 'rcp_tf_key' ] : '';
	// sanitize purchase code to ensure they're all lowercase in our database and in the correct format.
	$tf_key = strtolower(preg_replace('#([a-z0-9]{8})-?([a-z0-9]{4})-?([a-z0-9]{4})-?([a-z0-9]{4})-?([a-z0-9]{12})#','$1-$2-$3-$4-$5',$tf_key));
	if ( $tf_key ) {
		$this->tf_key = $tf_key;
	} else {
		return rcp_errors()->add( 'no-tf-key', __( 'Please enter a valid ThemeForest Purchase Code available from your ThemeForest Downloads Page' ), 'register' );
	}

	global $wpdb;

	$sql = "
        SELECT user_id
        FROM $wpdb->usermeta
        WHERE meta_key = 'tf_key'
        AND meta_value = %s
    ";

	$existing = $wpdb->get_var( $wpdb->prepare( $sql, $tf_key ) );

	if ( $existing ) {
		return rcp_errors()->add( 'duplicate-tf-key', __( 'This Purchase Key is already associated with an account.' ), 'register' );
	}

	$url = sprintf(
		'https://api.envato.com/v2/market/author/sale?code=%s',
		$tf_key
	);
	$request_headers = array(
		'user-agent' => 'dtbaker WordPress',
		'timeout'    => 20,
		'sslverify'    => false,
		'headers' => array(
			'Authorization' => 'Bearer ' . ENVATO_API_TOKEN,
		)
	);
	$response = wp_remote_get( $url, $request_headers );
	$body = wp_remote_retrieve_body( $response );
	$body = json_decode( $body, true );

	if ( ! empty( $body[ 'item' ][ 'id' ] ) ) {
		// $body will look like this:
		/*$body = array(
			'amount'          => 12.10,
			'sold_at'         => '2015-09-19T22:57:07+10:00',
			'item'            => array(
				'id'                 => 123,
				'name'               => 'item name here',
				'description'        => 'lots of html code here',
				"site"               => "codecanyon.net",
				"classification"     => "wordpress/social-networking",
				"classification_url" => "http://codecanyon.net/category/wordpress/social-networking",
				"price_cents"        => 1900,
				"number_of_sales"    => 247,
				"author_username"    => "dtbaker",
				"author_url"         => "http://codecanyon.net/user/dtbaker",
				"author_image"       => "https://0.s3.envato.com/files/111547951/dtbaker-php-scripts-wordpress-themes-and-plugins.png",
				"url"                => "http://codecanyon.net/item/simple-social-inbox-facebook-twitter-google/7478754",
				"thumbnail_url"      => "https://0.s3.envato.com/files/90732550/thumb_track-link-clicks-and-send-social-messages-from-WordPress.png",
				"summary"            => "Compatible Browsers=> IE10, IE11, Firefox, Safari, Opera, Chrome, Software Version=> WordPress 4.2",
			),
			"license"         => "Regular License",
			"support_amount"  => "0.00",
			"supported_until" => "2016-03-20T13 =>57 =>07+11 =>00",
			"buyer"           => "singsingszeged"
		);*/
		$this->verify_purchase = $body;
	} else {
		return rcp_errors()->add( 'invalid-tf-key', __( 'Your ThemeForest Purchase Key is invalid.' ), 'register' );
	}
	return true;
}

where can one report bugs about new API?

https://help.market.envato.com/hc/en-us/requests/new

Hey everyone,

Just a quick heads up on where we are at with the shutdown. Weā€™ve received a lot of feedback that itā€™s too difficult to get things fully prepared in the time weā€™ve allowed, so weā€™re going to delay the shutdown until early next year.

Weā€™ll keep you all posted as to the new date.

Cheers,
Sean.

2 Likes

Curious what sort of things are tricky for people to implement?

Is it all the themes/plugins relying on the old API for updates?

1 Like

I canā€™t speak for everyone, but all of our themes use the Envato WordPress Toolkit Library as that was a requirement a while ago (I even donā€™t know when it stopped being required). Do you have any info on the when the new toolkit will be available and is it going to be released as a plugin as well (or just a library to embed in the themes)?
Iā€™m worried that after the old API gets retired our users wonā€™t be able to install the updates automatically anymore and I was hoping that the new toolkit would be available sooner, so we can release updates before the API gets retired.

1 Like

Time to charge for Theme Update Service.

1 Like

Hey, finally found your post! I have that example for you, check out: Fully automatic Plugin Install + Default Content + oAuth Theme Updates in a Wizard. :slight_smile: oauth updates in WordPress, no buyer tokens required.