Title: Access plugin file Last modified: December 12, 2017 --- # Access plugin file * [jkepler](https://wordpress.org/support/users/jkepler/) * (@jkepler) * [8 years, 5 months ago](https://wordpress.org/support/topic/access-plugin-file/) * Hi * I’ve created successfully several plugins for wordpress. But one piece of code is missing: * – how do I access externally (from my main site for instance) a file within the plugin dir (in my client dir) let’s say as a GET request? * Basically I want to call a plugin file (for example user_info.php) with the correct url, and verify the registration data using a GET request – whith my admin passord and username of course. * Any help is very welcomed 🙂 * Kind regards * JKepler Viewing 9 replies - 1 through 9 (of 9 total) * Moderator [Steven Stern (sterndata)](https://wordpress.org/support/users/sterndata/) * (@sterndata) * Volunteer Forum Moderator * [8 years, 5 months ago](https://wordpress.org/support/topic/access-plugin-file/#post-9775989) * You can certainly access any php file and pass it parameters, but allowing for a login seems like a really, really, really bad idea to me. You’d be passing your admin credentials in clear text (and they’d be preserved in the site’s log). * Is this a real user login or a backdoor for you as the plugin dev? - This reply was modified 8 years, 5 months ago by [Steven Stern (sterndata)](https://wordpress.org/support/users/sterndata/). * Thread Starter [jkepler](https://wordpress.org/support/users/jkepler/) * (@jkepler) * [8 years, 5 months ago](https://wordpress.org/support/topic/access-plugin-file/#post-9776065) * Hi Steve * Yes you’re right. It is not a visual login of course. It’s a simple backdoor to my plugin to retrieve registration and authentication important information– including debug logs. If you could help me out, I would apreciate it very much. * Kind regards * JKepler * Moderator [Steven Stern (sterndata)](https://wordpress.org/support/users/sterndata/) * (@sterndata) * Volunteer Forum Moderator * [8 years, 5 months ago](https://wordpress.org/support/topic/access-plugin-file/#post-9776102) * Backdoors are a big no-no. [https://developer.wordpress.org/plugins/wordpress-org/detailed-plugin-guidelines/#7-the-plugin-may-not-%e2%80%9cphone-home%e2%80%9d-or-track-users-without-their-informed-explicit-opt-in-consent](https://developer.wordpress.org/plugins/wordpress-org/detailed-plugin-guidelines/#7-the-plugin-may-not-%e2%80%9cphone-home%e2%80%9d-or-track-users-without-their-informed-explicit-opt-in-consent) * I strongly suggest you review this with someone on the plugins review team. - This reply was modified 8 years, 5 months ago by [Steven Stern (sterndata)](https://wordpress.org/support/users/sterndata/). * Moderator [Ipstenu (Mika Epstein)](https://wordpress.org/support/users/ipstenu/) * (@ipstenu) * 🏳️‍🌈 Advisor and Activist * [8 years, 5 months ago](https://wordpress.org/support/topic/access-plugin-file/#post-9776229) * Any backdoors are absolutely disallowed. You don’t have any plugins hosted here, but be aware that if you were to add in a security hole like that, your account may be banned. * Thread Starter [jkepler](https://wordpress.org/support/users/jkepler/) * (@jkepler) * [8 years, 5 months ago](https://wordpress.org/support/topic/access-plugin-file/#post-9777553) * Hi, * I was looking at the docs you kindly gave me, and I must confess I’ve explained everything wrong – my fault. * What I’m trying to do is get an answer from a plugin file if I give the proper user and pass. * Example: I call the file register.php from within the plugin dir like this * [http://…/register.php?user=admin&password=mypassword&data=2](http://…/register.php?user=admin&password=mypassword&data=2) * The plugin responds if the user and pass are correct. And returns, for instance, the double of data – in this case 4. * Sorry for the confusion. * Kind regards * JKepler - This reply was modified 8 years, 5 months ago by [jkepler](https://wordpress.org/support/users/jkepler/). * Thread Starter [jkepler](https://wordpress.org/support/users/jkepler/) * (@jkepler) * [8 years, 5 months ago](https://wordpress.org/support/topic/access-plugin-file/#post-9777932) * Hi again * I was able to achieve part of my objective through the REST API of WP. Here’s the code: * function prefix_get_endpoint_time() { $t = “My message”; return rest_ensure_response( $t ); } function prefix_register_example_routes() { register_rest_route( ‘myplugin/ v1’, ‘/getinfo’, array( ‘methods’ => WP_REST_Server::READABLE, ‘callback’ => ‘ prefix_get_endpoint_time’, ) ); } add_action( ‘rest_api_init’, ‘prefix_register_example_routes’); * I call [http://mydomain.com/wp/wp-json/myplugin/v1/getinfo](http://mydomain.com/wp/wp-json/myplugin/v1/getinfo) and get “My message”, which is good 🙂 * My doubt now is how do I pass arguments to the function and how to retrieve them for authentication. I think the arguments ‘user’ and ‘password’ should be in the array? But how? And how do I retrieve them in the prefix_get_endpoint_time function? * Sorry for the trouble. * Kind regards, * JKepler * Thread Starter [jkepler](https://wordpress.org/support/users/jkepler/) * (@jkepler) * [8 years, 5 months ago](https://wordpress.org/support/topic/access-plugin-file/#post-9778627) * Hi again * Problem solved. The routine becomes (for example): * function prefix_get_endpoint_time( $request ) { $user = $request[‘user’]; $pass = $request[‘pass’]; /* routines here saved in $result */ return rest_ensure_response( $result ); } function prefix_register_example_routes() { register_rest_route(‘ myplugin/v1’, ‘/getinfo’, array( ‘methods’ => WP_REST_Server::READABLE, ‘callback’ => ‘prefix_get_endpoint_time’, ) ); } add_action( ‘rest_api_init’, ‘prefix_register_example_routes’); * with the call: * [http://mydomain.com/wp/wp-json/myplugin/v1/getinfo?user=admin&pass=123456](http://mydomain.com/wp/wp-json/myplugin/v1/getinfo?user=admin&pass=123456) * Kind regards, * JKepler * [Beee](https://wordpress.org/support/users/beee/) * (@beee) * [8 years, 4 months ago](https://wordpress.org/support/topic/access-plugin-file/#post-9893471) * I’m looking to do something similar but I keep getting a 500 error. Even when I copy the default code from WP docs…. Dito with your code… Any tips/tricks ? * [Beee](https://wordpress.org/support/users/beee/) * (@beee) * [8 years, 4 months ago](https://wordpress.org/support/topic/access-plugin-file/#post-9893648) * I placed the functions in the wrong place so they were hooking to early/late, so disregard my previous comment 🙂 Viewing 9 replies - 1 through 9 (of 9 total) The topic ‘Access plugin file’ is closed to new replies. ## Tags * [get](https://wordpress.org/support/topic-tag/get/) * [request](https://wordpress.org/support/topic-tag/request/) * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 9 replies * 4 participants * Last reply from: [Beee](https://wordpress.org/support/users/beee/) * Last activity: [8 years, 4 months ago](https://wordpress.org/support/topic/access-plugin-file/#post-9893648) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics