Support » Fixing WordPress » WordPress site connection to Web Service via SOAP

  • thevasuthan


    Hi, I need to build a website that will support payment gateways and is able to download software via a SOAP connection to a web service.

    I know that I can use Woocommerce to provide payment gateways. Can you please tell me how I would go about establishing a SOAP connection from WordPress to a Web Service. Is there a client plugin? I have searched but only found a server plugin.Would I have to write this myself? Thanks in advance

    I found this link

    Can anybody confirm that a PHP SOAP client would need to be written for WordPress? Thanks!

Viewing 8 replies - 1 through 8 (of 8 total)
  • Moderator bcworkz


    Because the implementation depends on the resource being requested, any plugin you find is going to be pretty limited in what it does. You would still need to program in the specifics for the service you intend to use. SOAP is basically communication using XML. XML parsing is offered in both JavaScript and PHP, so writing your own is not going to be much more difficult than configuring a SOAP plugin to work with your service.

    I’m not saying it would be easy, only that any existing plugin is not going to be all that helpful.



    Hi @bcworkz

    So the best thing for me to would be to write a SOAP client in PHP and follow the guide to make this in to a valid WordPress Plugin. I need the client to access a web service. The client will send a User Name, Password and Product Code (all of this is Commercial in Confidence). How do I ensure that this data is safe?


    Moderator bcworkz


    “client in PHP” That’s a confusing phrase for me. “Client” usually refers to code running in a user’s browser, but PHP code only runs on servers. Browsers do not run PHP code. I’m going to assume you intend your server to communicate with the web service and not a browser, so in my mind I’m substituting your references to “client” with “app”.

    Assuming your server is properly configured to not output PHP code as plain text and the PHP files have proper file system permissions assigned, keeping sensitive data hard coded on a PHP file will be secure. This would be similar to what is done with DB credentials on wp-config.php. Communicating with HTTPS protocol will ensure adequate security of sensitive data when it is transmitted. You can use what ever communication method you like (cURL, WP_Http, etc.) as long as it connects with HTTPS.

    If hard coding the data is inappropriate because it must be obtained from a user or something, the data can be stored in the WP DB. To get the data from a user or elsewhere, that connection too needs to be over HTTPS, which requires your server to have an SSL certificate for your domain.

    Hi @bcworkz
    Thanks for your reply. Very helpful. Your statement:-

    “Assuming your server is properly configured to not output PHP code as plain text and the PHP files have proper file system permissions assigned, keeping sensitive data hard coded on a PHP file will be secure.”

    I am going to create an ecommerce site using on Bluehost, how do i ensure that the server is properly configured?.

    To solve my clients problem, I need to do the following:-

    SOAP Web Service Plugin – to be written in PHP.
    The SOAP plugin needs an event listener, to receive a Product Code when a website product is selected via a button click. When the payment transaction has been confirmed (need to work this out with Woocommerce) the Plugin then passes the Product Code to the VSM Web Service. The VSM service then responds with a download link and activation code. The plugin then passes this to an email plugin that passes the details to the customer. If the payment transaction is not confirmed the product code should be disposed of.

    I was wondering if you could confirm that this can be done in PHP? I am just starting to learn PHP.

    Thanks so much!

    Once I have created the SOAP plugin do I have to make it available to WordPress as source code – just worried about security.


    Moderator bcworkz


    Bluehost is a good host, their servers will be properly configured for secure PHP. I mentioned server configuration only because I’ve run across people running their own server who don’t have adequate experience to do so safely.

    You don’t have to share plugin code if you don’t want to. Installed on a Bluehost server, the only way people can see the source code are by those with FTP access.

    PHP doesn’t have event listeners per se. Code executes upon HTTPS request from a browser or other external client. That client can have an event listener in JavaScript or similar which in turn makes a HTTPS request to the PHP code server side.

    WordPress has implemented a system of actions and filters in PHP which behave very similarly to event listeners, but they are events triggered by WP elements executing and not user triggered events. You will want to hook your code into an action that fires when payment has been approved. I couldn’t tell you which hook that would be, it’s a question for WooCommerce people. But for more on hooks in general, check out the related chapter in the Plugin Handbook. You’ll want to peruse other sections of this great resource for future reference.

    Your action callback code can get what product the customer purchased from the WC order object. With that you can determine the product code you need in order to assemble a SOAP request to the web service. Upon successful response, you can directly email the customer with the wp_mail() function. No need for another plugin.

    Hi @bcworkz

    Thanks again for your very helpful reply. I have a few more questions:-

    Am I right in thinking that the functionality discussed (PHP SOAP app and javascript to handle the Buy button) needs me to work with WordPress.Org rather than WordPress.Com?

    Just to remind you my client wants me to build an eCommerce site that allows people to purchase and download software. I need to write some PHP code which will run Server Side
    so that when the buy button is clicked and purchase transaction completes successfully the SOAP request is made and an email using the wp_mail() function sent to the customer with the download link and activation code.

    I am trying to keep my clients costs as low as possible

Viewing 8 replies - 1 through 8 (of 8 total)
  • You must be logged in to reply to this topic.