[ Index ] |
PHP Cross Reference of WordPress |
[Summary view] [Print] [Text view]
1 <?php 2 /** 3 * WordPress Ajax Process Execution 4 * 5 * @package WordPress 6 * @subpackage Administration 7 * 8 * @link https://codex.wordpress.org/AJAX_in_Plugins 9 */ 10 11 /** 12 * Executing Ajax process. 13 * 14 * @since 2.1.0 15 */ 16 define( 'DOING_AJAX', true ); 17 if ( ! defined( 'WP_ADMIN' ) ) { 18 define( 'WP_ADMIN', true ); 19 } 20 21 /** Load WordPress Bootstrap */ 22 require_once dirname( __DIR__ ) . '/wp-load.php'; 23 24 /** Allow for cross-domain requests (from the front end). */ 25 send_origin_headers(); 26 27 header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) ); 28 header( 'X-Robots-Tag: noindex' ); 29 30 // Require a valid action parameter. 31 if ( empty( $_REQUEST['action'] ) || ! is_scalar( $_REQUEST['action'] ) ) { 32 wp_die( '0', 400 ); 33 } 34 35 /** Load WordPress Administration APIs */ 36 require_once ABSPATH . 'wp-admin/includes/admin.php'; 37 38 /** Load Ajax Handlers for WordPress Core */ 39 require_once ABSPATH . 'wp-admin/includes/ajax-actions.php'; 40 41 send_nosniff_header(); 42 nocache_headers(); 43 44 /** This action is documented in wp-admin/admin.php */ 45 do_action( 'admin_init' ); 46 47 $core_actions_get = array( 48 'fetch-list', 49 'ajax-tag-search', 50 'wp-compression-test', 51 'imgedit-preview', 52 'oembed-cache', 53 'autocomplete-user', 54 'dashboard-widgets', 55 'logged-in', 56 'rest-nonce', 57 ); 58 59 $core_actions_post = array( 60 'oembed-cache', 61 'image-editor', 62 'delete-comment', 63 'delete-tag', 64 'delete-link', 65 'delete-meta', 66 'delete-post', 67 'trash-post', 68 'untrash-post', 69 'delete-page', 70 'dim-comment', 71 'add-link-category', 72 'add-tag', 73 'get-tagcloud', 74 'get-comments', 75 'replyto-comment', 76 'edit-comment', 77 'add-menu-item', 78 'add-meta', 79 'add-user', 80 'closed-postboxes', 81 'hidden-columns', 82 'update-welcome-panel', 83 'menu-get-metabox', 84 'wp-link-ajax', 85 'menu-locations-save', 86 'menu-quick-search', 87 'meta-box-order', 88 'get-permalink', 89 'sample-permalink', 90 'inline-save', 91 'inline-save-tax', 92 'find_posts', 93 'widgets-order', 94 'save-widget', 95 'delete-inactive-widgets', 96 'set-post-thumbnail', 97 'date_format', 98 'time_format', 99 'wp-remove-post-lock', 100 'dismiss-wp-pointer', 101 'upload-attachment', 102 'get-attachment', 103 'query-attachments', 104 'save-attachment', 105 'save-attachment-compat', 106 'send-link-to-editor', 107 'send-attachment-to-editor', 108 'save-attachment-order', 109 'media-create-image-subsizes', 110 'heartbeat', 111 'get-revision-diffs', 112 'save-user-color-scheme', 113 'update-widget', 114 'query-themes', 115 'parse-embed', 116 'set-attachment-thumbnail', 117 'parse-media-shortcode', 118 'destroy-sessions', 119 'install-plugin', 120 'update-plugin', 121 'crop-image', 122 'generate-password', 123 'save-wporg-username', 124 'delete-plugin', 125 'search-plugins', 126 'search-install-plugins', 127 'activate-plugin', 128 'update-theme', 129 'delete-theme', 130 'install-theme', 131 'get-post-thumbnail-html', 132 'get-community-events', 133 'edit-theme-plugin-file', 134 'wp-privacy-export-personal-data', 135 'wp-privacy-erase-personal-data', 136 'health-check-site-status-result', 137 'health-check-dotorg-communication', 138 'health-check-is-in-debug-mode', 139 'health-check-background-updates', 140 'health-check-loopback-requests', 141 'health-check-get-sizes', 142 'toggle-auto-updates', 143 'send-password-reset', 144 ); 145 146 // Deprecated. 147 $core_actions_post_deprecated = array( 148 'wp-fullscreen-save-post', 149 'press-this-save-post', 150 'press-this-add-category', 151 'health-check-dotorg-communication', 152 'health-check-is-in-debug-mode', 153 'health-check-background-updates', 154 'health-check-loopback-requests', 155 ); 156 157 $core_actions_post = array_merge( $core_actions_post, $core_actions_post_deprecated ); 158 159 // Register core Ajax calls. 160 if ( ! empty( $_GET['action'] ) && in_array( $_GET['action'], $core_actions_get, true ) ) { 161 add_action( 'wp_ajax_' . $_GET['action'], 'wp_ajax_' . str_replace( '-', '_', $_GET['action'] ), 1 ); 162 } 163 164 if ( ! empty( $_POST['action'] ) && in_array( $_POST['action'], $core_actions_post, true ) ) { 165 add_action( 'wp_ajax_' . $_POST['action'], 'wp_ajax_' . str_replace( '-', '_', $_POST['action'] ), 1 ); 166 } 167 168 add_action( 'wp_ajax_nopriv_generate-password', 'wp_ajax_nopriv_generate_password' ); 169 170 add_action( 'wp_ajax_nopriv_heartbeat', 'wp_ajax_nopriv_heartbeat', 1 ); 171 172 $action = $_REQUEST['action']; 173 174 if ( is_user_logged_in() ) { 175 // If no action is registered, return a Bad Request response. 176 if ( ! has_action( "wp_ajax_{$action}" ) ) { 177 wp_die( '0', 400 ); 178 } 179 180 /** 181 * Fires authenticated Ajax actions for logged-in users. 182 * 183 * The dynamic portion of the hook name, `$action`, refers 184 * to the name of the Ajax action callback being fired. 185 * 186 * @since 2.1.0 187 */ 188 do_action( "wp_ajax_{$action}" ); 189 } else { 190 // If no action is registered, return a Bad Request response. 191 if ( ! has_action( "wp_ajax_nopriv_{$action}" ) ) { 192 wp_die( '0', 400 ); 193 } 194 195 /** 196 * Fires non-authenticated Ajax actions for logged-out users. 197 * 198 * The dynamic portion of the hook name, `$action`, refers 199 * to the name of the Ajax action callback being fired. 200 * 201 * @since 2.8.0 202 */ 203 do_action( "wp_ajax_nopriv_{$action}" ); 204 } 205 206 // Default status. 207 wp_die( '0' );
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated: Sun Dec 22 01:00:02 2024 | Cross-referenced by PHPXref 0.7.1 |