14 * @since 2.1.0 |
14 * @since 2.1.0 |
15 */ |
15 */ |
16 define( 'DOING_AJAX', true ); |
16 define( 'DOING_AJAX', true ); |
17 define( 'WP_ADMIN', true ); |
17 define( 'WP_ADMIN', true ); |
18 |
18 |
|
19 /** Load WordPress Bootstrap */ |
|
20 require_once( dirname( dirname( __FILE__ ) ) . '/wp-load.php' ); |
|
21 |
|
22 /** Allow for cross-domain requests (from the frontend). */ |
|
23 send_origin_headers(); |
|
24 |
19 // Require an action parameter |
25 // Require an action parameter |
20 if ( empty( $_REQUEST['action'] ) ) |
26 if ( empty( $_REQUEST['action'] ) ) |
21 die( '0' ); |
27 die( '0' ); |
22 |
|
23 /** Load WordPress Bootstrap */ |
|
24 require_once( dirname( dirname( __FILE__ ) ) . '/wp-load.php' ); |
|
25 |
28 |
26 /** Load WordPress Administration APIs */ |
29 /** Load WordPress Administration APIs */ |
27 require_once( ABSPATH . 'wp-admin/includes/admin.php' ); |
30 require_once( ABSPATH . 'wp-admin/includes/admin.php' ); |
28 |
31 |
29 /** Load Ajax Handlers for WordPress Core */ |
32 /** Load Ajax Handlers for WordPress Core */ |
31 |
34 |
32 @header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) ); |
35 @header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) ); |
33 @header( 'X-Robots-Tag: noindex' ); |
36 @header( 'X-Robots-Tag: noindex' ); |
34 |
37 |
35 send_nosniff_header(); |
38 send_nosniff_header(); |
|
39 nocache_headers(); |
36 |
40 |
37 do_action( 'admin_init' ); |
41 do_action( 'admin_init' ); |
38 |
42 |
39 $core_actions_get = array( |
43 $core_actions_get = array( |
40 'fetch-list', 'ajax-tag-search', 'wp-compression-test', 'imgedit-preview', 'oembed-cache', |
44 'fetch-list', 'ajax-tag-search', 'wp-compression-test', 'imgedit-preview', 'oembed-cache', |
48 'edit-comment', 'add-menu-item', 'add-meta', 'add-user', 'autosave', 'closed-postboxes', |
52 'edit-comment', 'add-menu-item', 'add-meta', 'add-user', 'autosave', 'closed-postboxes', |
49 'hidden-columns', 'update-welcome-panel', 'menu-get-metabox', 'wp-link-ajax', |
53 'hidden-columns', 'update-welcome-panel', 'menu-get-metabox', 'wp-link-ajax', |
50 'menu-locations-save', 'menu-quick-search', 'meta-box-order', 'get-permalink', |
54 'menu-locations-save', 'menu-quick-search', 'meta-box-order', 'get-permalink', |
51 'sample-permalink', 'inline-save', 'inline-save-tax', 'find_posts', 'widgets-order', |
55 'sample-permalink', 'inline-save', 'inline-save-tax', 'find_posts', 'widgets-order', |
52 'save-widget', 'set-post-thumbnail', 'date_format', 'time_format', 'wp-fullscreen-save-post', |
56 'save-widget', 'set-post-thumbnail', 'date_format', 'time_format', 'wp-fullscreen-save-post', |
53 'wp-remove-post-lock', 'dismiss-wp-pointer', 'upload-attachment', |
57 'wp-remove-post-lock', 'dismiss-wp-pointer', 'upload-attachment', 'get-attachment', |
|
58 'query-attachments', 'save-attachment', 'save-attachment-compat', 'send-link-to-editor', |
|
59 'send-attachment-to-editor', 'save-attachment-order', |
54 ); |
60 ); |
55 |
61 |
56 // Register core Ajax calls. |
62 // Register core Ajax calls. |
57 if ( ! empty( $_GET['action'] ) && in_array( $_GET['action'], $core_actions_get ) ) |
63 if ( ! empty( $_GET['action'] ) && in_array( $_GET['action'], $core_actions_get ) ) |
58 add_action( 'wp_ajax_' . $_GET['action'], 'wp_ajax_' . str_replace( '-', '_', $_GET['action'] ), 1 ); |
64 add_action( 'wp_ajax_' . $_GET['action'], 'wp_ajax_' . str_replace( '-', '_', $_GET['action'] ), 1 ); |