25 send_origin_headers(); |
25 send_origin_headers(); |
26 |
26 |
27 header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) ); |
27 header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) ); |
28 header( 'X-Robots-Tag: noindex' ); |
28 header( 'X-Robots-Tag: noindex' ); |
29 |
29 |
30 // Require an action parameter. |
30 // Require a valid action parameter. |
31 if ( empty( $_REQUEST['action'] ) ) { |
31 if ( empty( $_REQUEST['action'] ) || ! is_scalar( $_REQUEST['action'] ) ) { |
32 wp_die( '0', 400 ); |
32 wp_die( '0', 400 ); |
33 } |
33 } |
34 |
34 |
35 /** Load WordPress Administration APIs */ |
35 /** Load WordPress Administration APIs */ |
36 require_once ABSPATH . 'wp-admin/includes/admin.php'; |
36 require_once ABSPATH . 'wp-admin/includes/admin.php'; |
166 |
166 |
167 add_action( 'wp_ajax_nopriv_generate-password', 'wp_ajax_nopriv_generate_password' ); |
167 add_action( 'wp_ajax_nopriv_generate-password', 'wp_ajax_nopriv_generate_password' ); |
168 |
168 |
169 add_action( 'wp_ajax_nopriv_heartbeat', 'wp_ajax_nopriv_heartbeat', 1 ); |
169 add_action( 'wp_ajax_nopriv_heartbeat', 'wp_ajax_nopriv_heartbeat', 1 ); |
170 |
170 |
171 $action = ( isset( $_REQUEST['action'] ) ) ? $_REQUEST['action'] : ''; |
171 $action = $_REQUEST['action']; |
172 |
172 |
173 if ( is_user_logged_in() ) { |
173 if ( is_user_logged_in() ) { |
174 // If no action is registered, return a Bad Request response. |
174 // If no action is registered, return a Bad Request response. |
175 if ( ! has_action( "wp_ajax_{$action}" ) ) { |
175 if ( ! has_action( "wp_ajax_{$action}" ) ) { |
176 wp_die( '0', 400 ); |
176 wp_die( '0', 400 ); |
199 * |
199 * |
200 * @since 2.8.0 |
200 * @since 2.8.0 |
201 */ |
201 */ |
202 do_action( "wp_ajax_nopriv_{$action}" ); |
202 do_action( "wp_ajax_nopriv_{$action}" ); |
203 } |
203 } |
|
204 |
204 // Default status. |
205 // Default status. |
205 wp_die( '0' ); |
206 wp_die( '0' ); |
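Review bot: The assignment `$action = $_REQUEST['action'];` on new line 171 is only safe because of the `empty()` / `is_scalar()` guard on new line 31, about 140 lines earlier, and nothing at the assignment says so. Lines 37 to 165 are not shown in this view, so it cannot be confirmed here that nothing loaded or fired in between changes `$_REQUEST['action']`. If something can, the removed `isset()` fallback no longer covers an unset or array value before it is interpolated into the `wp_ajax_{$action}` and `wp_ajax_nopriv_{$action}` hook names. I would add `// $_REQUEST['action'] was validated above as a non-empty scalar.` on the line before the assignment, so that a later edit to the guard is not made without looking at this line.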