I have an app server accessible via an API call. I have another website using WordPress Multisite installation.
On the WordPress side, where is the proper place(s) to put the API calls and view logic for…
- security – not gaining access to the code (probably not any different than other PHP security concerns)
- updating – not having to reconfigure after WP version updates
- coding standards – proper place to put functionality & resulting views
Really don’t want anyone to ever access nor disable the code. It should be persistent across the WPMU network. The code would submit values to the external API via form “view”s, display returned data via “views” and also be user/auth key specific.
I believe the choice is between a plugin and/or theme files but wanted to be sure.
If you’re new, start with what you think will do it for you. If you fail, take a look if the other variants are going better for you. Technically there is not much difference into which file(s) you place your code, because it can be loaded from many.