| author | ymh <ymh.work@gmail.com> |
| Mon, 14 Oct 2019 17:39:30 +0200 | |
| changeset 7 | cf61fcea0001 |
| parent 5 | 5e2f62d02dcd |
| child 9 | 177826044cd9 |
| permissions | -rw-r--r-- |
| 0 | 1 |
<?php |
2 |
/** |
|
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
3 |
* WordPress Ajax Process Execution |
| 0 | 4 |
* |
5 |
* @package WordPress |
|
6 |
* @subpackage Administration |
|
7 |
* |
|
| 5 | 8 |
* @link https://codex.wordpress.org/AJAX_in_Plugins |
| 0 | 9 |
*/ |
10 |
||
11 |
/** |
|
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
12 |
* Executing Ajax process. |
| 0 | 13 |
* |
14 |
* @since 2.1.0 |
|
15 |
*/ |
|
16 |
define( 'DOING_AJAX', true ); |
|
| 5 | 17 |
if ( ! defined( 'WP_ADMIN' ) ) { |
18 |
define( 'WP_ADMIN', true ); |
|
19 |
} |
|
| 0 | 20 |
|
21 |
/** Load WordPress Bootstrap */ |
|
22 |
require_once( dirname( dirname( __FILE__ ) ) . '/wp-load.php' ); |
|
23 |
||
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
24 |
/** Allow for cross-domain requests (from the front end). */ |
| 0 | 25 |
send_origin_headers(); |
26 |
||
27 |
// Require an action parameter |
|
28 |
if ( empty( $_REQUEST['action'] ) ) |
|
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
29 |
wp_die( '0', 400 ); |
| 0 | 30 |
|
31 |
/** Load WordPress Administration APIs */ |
|
32 |
require_once( ABSPATH . 'wp-admin/includes/admin.php' ); |
|
33 |
||
34 |
/** Load Ajax Handlers for WordPress Core */ |
|
35 |
require_once( ABSPATH . 'wp-admin/includes/ajax-actions.php' ); |
|
36 |
||
37 |
@header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) ); |
|
38 |
@header( 'X-Robots-Tag: noindex' ); |
|
39 |
||
40 |
send_nosniff_header(); |
|
41 |
nocache_headers(); |
|
42 |
||
43 |
/** This action is documented in wp-admin/admin.php */ |
|
44 |
do_action( 'admin_init' ); |
|
45 |
||
46 |
$core_actions_get = array( |
|
47 |
'fetch-list', 'ajax-tag-search', 'wp-compression-test', 'imgedit-preview', 'oembed-cache', |
|
48 |
'autocomplete-user', 'dashboard-widgets', 'logged-in', |
|
49 |
); |
|
50 |
||
51 |
$core_actions_post = array( |
|
52 |
'oembed-cache', 'image-editor', 'delete-comment', 'delete-tag', 'delete-link', |
|
53 |
'delete-meta', 'delete-post', 'trash-post', 'untrash-post', 'delete-page', 'dim-comment', |
|
54 |
'add-link-category', 'add-tag', 'get-tagcloud', 'get-comments', 'replyto-comment', |
|
| 5 | 55 |
'edit-comment', 'add-menu-item', 'add-meta', 'add-user', 'closed-postboxes', |
| 0 | 56 |
'hidden-columns', 'update-welcome-panel', 'menu-get-metabox', 'wp-link-ajax', |
57 |
'menu-locations-save', 'menu-quick-search', 'meta-box-order', 'get-permalink', |
|
58 |
'sample-permalink', 'inline-save', 'inline-save-tax', 'find_posts', 'widgets-order', |
|
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
59 |
'save-widget', 'delete-inactive-widgets', 'set-post-thumbnail', 'date_format', 'time_format', |
| 0 | 60 |
'wp-remove-post-lock', 'dismiss-wp-pointer', 'upload-attachment', 'get-attachment', |
61 |
'query-attachments', 'save-attachment', 'save-attachment-compat', 'send-link-to-editor', |
|
62 |
'send-attachment-to-editor', 'save-attachment-order', 'heartbeat', 'get-revision-diffs', |
|
| 5 | 63 |
'save-user-color-scheme', 'update-widget', 'query-themes', 'parse-embed', 'set-attachment-thumbnail', |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
64 |
'parse-media-shortcode', 'destroy-sessions', 'install-plugin', 'update-plugin', 'crop-image', |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
65 |
'generate-password', 'save-wporg-username', 'delete-plugin', 'search-plugins', |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
66 |
'search-install-plugins', 'activate-plugin', 'update-theme', 'delete-theme', 'install-theme', |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
67 |
'get-post-thumbnail-html', 'get-community-events', 'edit-theme-plugin-file', |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
68 |
'wp-privacy-export-personal-data', |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
69 |
'wp-privacy-erase-personal-data', |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
70 |
'update-try-gutenberg-panel', |
| 0 | 71 |
); |
72 |
||
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
73 |
// Deprecated |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
74 |
$core_actions_post_deprecated = array( 'wp-fullscreen-save-post', 'press-this-save-post', 'press-this-add-category' ); |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
75 |
$core_actions_post = array_merge( $core_actions_post, $core_actions_post_deprecated ); |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
76 |
|
| 0 | 77 |
// Register core Ajax calls. |
78 |
if ( ! empty( $_GET['action'] ) && in_array( $_GET['action'], $core_actions_get ) ) |
|
79 |
add_action( 'wp_ajax_' . $_GET['action'], 'wp_ajax_' . str_replace( '-', '_', $_GET['action'] ), 1 ); |
|
80 |
||
81 |
if ( ! empty( $_POST['action'] ) && in_array( $_POST['action'], $core_actions_post ) ) |
|
82 |
add_action( 'wp_ajax_' . $_POST['action'], 'wp_ajax_' . str_replace( '-', '_', $_POST['action'] ), 1 ); |
|
83 |
||
84 |
add_action( 'wp_ajax_nopriv_heartbeat', 'wp_ajax_nopriv_heartbeat', 1 ); |
|
85 |
||
86 |
if ( is_user_logged_in() ) { |
|
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
87 |
// If no action is registered, return a Bad Request response. |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
88 |
if ( ! has_action( 'wp_ajax_' . $_REQUEST['action'] ) ) { |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
89 |
wp_die( '0', 400 ); |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
90 |
} |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
91 |
|
| 0 | 92 |
/** |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
93 |
* Fires authenticated Ajax actions for logged-in users. |
| 0 | 94 |
* |
| 5 | 95 |
* The dynamic portion of the hook name, `$_REQUEST['action']`, |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
96 |
* refers to the name of the Ajax action callback being fired. |
| 0 | 97 |
* |
98 |
* @since 2.1.0 |
|
99 |
*/ |
|
100 |
do_action( 'wp_ajax_' . $_REQUEST['action'] ); |
|
101 |
} else { |
|
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
102 |
// If no action is registered, return a Bad Request response. |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
103 |
if ( ! has_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] ) ) { |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
104 |
wp_die( '0', 400 ); |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
105 |
} |
|
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
106 |
|
| 0 | 107 |
/** |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
108 |
* Fires non-authenticated Ajax actions for logged-out users. |
| 0 | 109 |
* |
| 5 | 110 |
* The dynamic portion of the hook name, `$_REQUEST['action']`, |
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
111 |
* refers to the name of the Ajax action callback being fired. |
| 0 | 112 |
* |
113 |
* @since 2.8.0 |
|
114 |
*/ |
|
115 |
do_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] ); |
|
116 |
} |
|
117 |
// Default status |
|
|
7
cf61fcea0001
resynchronize code repo with production
ymh <ymh.work@gmail.com>
parents:
5
diff
changeset
|
118 |
wp_die( '0' ); |