AJAX Endpoints

The GSM Middleware plugin provides several AJAX endpoints for admin panel operations. All endpoints require proper authentication and nonce verification.

Overview

AJAX endpoints handle real-time operations in the WordPress admin interface:

• Database connection testing
• API connection management
• BC Export operations
• Site management operations

Authentication

All AJAX requests require:

1. WordPress Login: User must be logged in
2. Capability: manage_gsm_middleware permission
3. Nonce: Valid WordPress nonce for security

Available Endpoints

Test Database Connection

Test external database credentials before saving.

Action: gsm_middleware_test_connection

Request:

jQuery.ajax({
  url: ajaxurl,
  type: 'POST',
  data: {
    action: 'gsm_middleware_test_connection',
    nonce: gsmSettings.nonce,
    use_external_db: true,
    db_host: 'localhost',
    db_name: 'middleware_db',
    db_user: 'db_user',
    db_password: 'db_password'
  },
  success: function(response) {
    if (response.success) {
      console.log('Connection successful:', response.data);
    }
  }
});

Response (Success):

{
  "success": true,
  "data": {
    "message": "Connection successful",
    "info": {
      "server": "MySQL 8.0.32",
      "database": "middleware_db",
      "charset": "utf8mb4"
    }
  }
}

Response (Error):

{
  "success": false,
  "data": {
    "message": "Connection failed: Access denied for user"
  }
}

Save API Connection

Save or update API connection configuration.

Action: gsm_save_api_connection

Request:

jQuery.ajax({
  url: ajaxurl,
  type: 'POST',
  data: {
    action: 'gsm_save_api_connection',
    nonce: gsmApiConnections.nonce,
    id: 0, // 0 for new, ID for update
    name: 'Navision Production',
    type: 'basic',
    environment: 'live',
    url: 'https://api.navision.com/odata',
    username: 'api_user',
    password: 'api_password',
    is_active: 1
  },
  success: function(response) {
    console.log(response);
  }
});

Response:

{
  "success": true,
  "data": "Connection saved successfully."
}

Activate API Connection

Set an API connection as the active one (deactivates others).

Action: gsm_activate_api_connection

Request:

jQuery.ajax({
  url: ajaxurl,
  type: 'POST',
  data: {
    action: 'gsm_activate_api_connection',
    nonce: gsmApiConnections.nonce,
    id: 5
  }
});

Response:

{
  "success": true,
  "data": "Connection activated successfully."
}

Delete API Connection

Remove an API connection configuration.

Action: gsm_delete_api_connection

Request:

jQuery.ajax({
  url: ajaxurl,
  type: 'POST',
  data: {
    action: 'gsm_delete_api_connection',
    nonce: gsmApiConnections.nonce,
    id: 3
  }
});

Response:

{
  "success": true,
  "data": "Connection deleted successfully."
}

Test API Connection

Verify API connection credentials.

Action: gsm_test_api_connection

Request:

jQuery.ajax({
  url: ajaxurl,
  type: 'POST',
  data: {
    action: 'gsm_test_api_connection',
    nonce: gsmApiConnections.nonce,
    id: 5
  }
});

Response (Success):

{
  "success": true,
  "data": {
    "message": "Connection successful",
    "info": {
      "endpoint": "https://api.navision.com/odata",
      "response_time": "145ms",
      "api_version": "v1.0"
    }
  }
}

Get BC Export Stats

Retrieve current Business Central export statistics.

Action: gsm_bc_export_stats

Request:

jQuery.ajax({
  url: ajaxurl,
  type: 'POST',
  data: {
    action: 'gsm_bc_export_stats',
    nonce: gsmBcExport.nonce
  }
});

Response:

{
  "success": true,
  "data": {
    "pending_insert": 5,
    "pending_verify": 3,
    "last_insert_run": "2026-03-17 10:30:00",
    "last_verify_run": "2026-03-17 10:25:00"
  }
}

Run BC Insert Operation

Manually trigger BC insert operation.

Action: gsm_bc_insert_now

Request:

jQuery.ajax({
  url: ajaxurl,
  type: 'POST',
  data: {
    action: 'gsm_bc_insert_now',
    nonce: gsmBcExport.nonce
  }
});

Response:

{
  "success": true,
  "data": {
    "message": "Insert operation completed",
    "processed": 10,
    "succeeded": 10,
    "failed": 0,
    "execution_time": "5.2s"
  }
}

Run BC Verify Operation

Manually trigger BC verify operation.

Action: gsm_bc_verify_now

Request:

jQuery.ajax({
  url: ajaxurl,
  type: 'POST',
  data: {
    action: 'gsm_bc_verify_now',
    nonce: gsmBcExport.nonce
  }
});

Response:

{
  "success": true,
  "data": {
    "message": "Verify operation completed",
    "processed": 8,
    "verified": 8,
    "pending": 0,
    "execution_time": "2.1s"
  }
}

Error Handling

All AJAX endpoints return standardized error responses:

Common Errors

Permission Denied

{
  "success": false,
  "data": {
    "message": "You do not have permission to perform this action."
  }
}

Invalid Nonce

{
  "success": false,
  "data": {
    "message": "Security check failed."
  }
}

Missing Parameters

{
  "success": false,
  "data": {
    "message": "Required parameter missing: id"
  }
}

Implementation Examples

Complete AJAX Call with Error Handling

function testDatabaseConnection(credentials) {
  return new Promise((resolve, reject) => {
    jQuery.ajax({
      url: ajaxurl,
      type: 'POST',
      data: {
        action: 'gsm_middleware_test_connection',
        nonce: gsmSettings.nonce,
        use_external_db: true,
        ...credentials
      },
      success: function(response) {
        if (response.success) {
          resolve(response.data);
        } else {
          reject(response.data.message);
        }
      },
      error: function(xhr, status, error) {
        reject('Network error: ' + error);
      }
    });
  });
}

// Usage
testDatabaseConnection({
  db_host: 'localhost',
  db_name: 'middleware_db',
  db_user: 'user',
  db_password: 'pass'
})
.then(data => {
  console.log('Success:', data.message);
  console.log('Server info:', data.info);
})
.catch(error => {
  console.error('Error:', error);
});

Using Async/Await

async function runBcInsert() {
  try {
    const response = await jQuery.ajax({
      url: ajaxurl,
      type: 'POST',
      data: {
        action: 'gsm_bc_insert_now',
        nonce: gsmBcExport.nonce
      }
    });
    
    if (response.success) {
      alert(`Success! Processed ${response.data.processed} orders`);
      return response.data;
    } else {
      throw new Error(response.data.message);
    }
  } catch (error) {
    alert('Error: ' + error.message);
    throw error;
  }
}

React/Modern JavaScript

const testConnection = async (connectionId) => {
  const formData = new FormData();
  formData.append('action', 'gsm_test_api_connection');
  formData.append('nonce', gsmApiConnections.nonce);
  formData.append('id', connectionId);
  
  const response = await fetch(ajaxurl, {
    method: 'POST',
    body: formData
  });
  
  const data = await response.json();
  
  if (!data.success) {
    throw new Error(data.data.message);
  }
  
  return data.data;
};

Security Best Practices

Always Verify Nonces

// Nonce is localized in the page
wp_localize_script('your-script', 'gsmSettings', [
  'nonce' => wp_create_nonce('gsm_middleware_nonce')
]);

// Use in AJAX request
data: {
  nonce: gsmSettings.nonce,
  // ... other data
}

Don't Expose Sensitive Data

// ❌ BAD - Logs sensitive data
console.log('Password:', password);

// ✅ GOOD - Only log status
console.log('Connection test initiated');

Handle Errors Gracefully

.fail(function(xhr, status, error) {
  // Don't expose internal errors to users
  console.error('AJAX error:', error);
  alert('An error occurred. Please try again.');
});

Debugging

Enable Debug Mode

Add to wp-config.php:

define('WP_DEBUG', true);
define('WP_DEBUG_LOG', true);

Check Browser Console

// Add debug logging
jQuery(document).ajaxError(function(event, xhr, settings, error) {
  console.error('AJAX Error:', settings.url, error);
});

Check PHP Error Log

tail -f /var/log/wordpress/debug.log

Next Steps

• REST API - REST API endpoints
• Control Panel - Admin interface guide
• BC Export - BC Export operations