From 33de6708232b33cca465ae01bba18dca0f0bbe85 Mon Sep 17 00:00:00 2001 From: ryan Date: Thu, 5 Mar 2009 21:43:35 +0000 Subject: [PATCH] Fire nopriv actions from post and ajax handlers when user is not logged in. git-svn-id: http://svn.automattic.com/wordpress/trunk@10720 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/admin-ajax.php | 3 +++ wp-admin/admin-post.php | 7 ++++--- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/wp-admin/admin-ajax.php b/wp-admin/admin-ajax.php index cdde72e46f..0be300cafd 100644 --- a/wp-admin/admin-ajax.php +++ b/wp-admin/admin-ajax.php @@ -37,6 +37,9 @@ if ( ! is_user_logged_in() ) { $x->send(); } + if ( !empty( $_POST['action']) ) + do_action( 'wp_ajax_nopriv_' . $_POST['action'] ); + die('-1'); } diff --git a/wp-admin/admin-post.php b/wp-admin/admin-post.php index 55c7d9f368..d18bf711b3 100644 --- a/wp-admin/admin-post.php +++ b/wp-admin/admin-post.php @@ -16,14 +16,15 @@ else require_once(ABSPATH . 'wp-admin/includes/admin.php'); -if ( !wp_validate_auth_cookie() ) - wp_die(__('Cheatin’ uh?')); - nocache_headers(); do_action('admin_init'); $action = 'admin_post'; + +if ( !wp_validate_auth_cookie() ) + $action .= '_nopriv'; + if ( !empty($_REQUEST['action']) ) $action .= '_' . $_REQUEST['action'];