Customizer: Send JSON success for `customize_save` and allow response to be filtered.

props westonruter. fixes #29098. Built from https://develop.svn.wordpress.org/trunk@31062 git-svn-id: http://core.svn.wordpress.org/trunk@31043 1a063a9b-81f0-0310-95a4-ce76da25c4cd
2015-01-06 21:47:23 +00:00 · 2015-01-06 21:47:23 +00:00 · 56981c7143
parent c6e7a90331
commit 56981c7143
4 changed files with 37 additions and 18 deletions
--- a/wp-admin/js/customize-controls.js
+++ b/wp-admin/js/customize-controls.js
@ -1945,7 +1945,6 @@
 			save: function() {
 				var self  = this,
 					query = $.extend( this.query(), {
-						action: 'customize_save',
 						nonce:  this.nonce.save
 					} ),
 					processing = api.state( 'processing' ),
@ -1955,7 +1954,7 @@
 				body.addClass( 'saving' );

 				submit = function () {
-					var request = $.post( api.settings.url.ajax, query );
+					var request = wp.ajax.post( 'customize_save', query );

 					api.trigger( 'save', request );

@ -1963,28 +1962,33 @@
 						body.removeClass( 'saving' );
 					} );

-					request.done( function( response ) {
-						// Check if the user is logged out.
+					request.fail( function ( response ) {
 						if ( '0' === response ) {
+							response = 'not_logged_in';
+						} else if ( '-1' === response ) {
+							// Back-compat in case any other check_ajax_referer() call is dying
+							response = 'invalid_nonce';
+						}
+
+						if ( 'invalid_nonce' === response ) {
+							self.cheatin();
+						} else if ( 'not_logged_in' === response ) {
 							self.preview.iframe.hide();
 							self.login().done( function() {
 								self.save();
 								self.preview.iframe.show();
 							} );
-							return;
-						}
-
-						// Check for cheaters.
-						if ( '-1' === response ) {
-							self.cheatin();
-							return;
 						}
+						api.trigger( 'error', response );
+					} );

+					request.done( function( response ) {
 						// Clear setting dirty states
 						api.each( function ( value ) {
 							value._dirty = false;
 						} );
-						api.trigger( 'saved' );
+
+						api.trigger( 'saved', response );
 					} );
 				};

--- a/wp-admin/js/customize-controls.min.js
+++ b/wp-admin/js/customize-controls.min.js
--- a/wp-includes/class-wp-customize-manager.php
+++ b/wp-includes/class-wp-customize-manager.php
@ -628,10 +628,14 @@ final class WP_Customize_Manager {
 	 * @since 3.4.0
 	 */
 	public function save() {
-		if ( ! $this->is_preview() )
-			die;
+		if ( ! $this->is_preview() ) {
+			wp_send_json_error( 'not_preview' );
+		}

-		check_ajax_referer( 'save-customize_' . $this->get_stylesheet(), 'nonce' );
+		$action = 'save-customize_' . $this->get_stylesheet();
+		if ( ! check_ajax_referer( $action, 'nonce', false ) ) {
+			wp_send_json_error( 'invalid_nonce' );
+		}

 		// Do we have to switch themes?
 		if ( ! $this->is_theme_active() ) {
@ -666,7 +670,18 @@ final class WP_Customize_Manager {
 		 */
 		do_action( 'customize_save_after', $this );

-		die;
+		/**
+		 * Filter response data for a successful customize_save Ajax request.
+		 * 
+		 * This filter does not apply if there was a nonce or authentication failure.
+		 *
+		 * @since 4.2.0
+		 *
+		 * @param array $data
+		 * @param WP_Customize_Manager $this WP_Customize_Manager instance.
+		 */
+		$response = apply_filters( 'customize_save_response', array(), $this );
+		wp_send_json_success( $response );
 	}

 	/**
--- a/wp-includes/version.php
+++ b/wp-includes/version.php
@ -4,7 +4,7 @@
 *
 * @global string $wp_version
 */
-$wp_version = '4.2-alpha-31061';
+$wp_version = '4.2-alpha-31062';

 /**
 * Holds the WordPress DB revision, increments when changes are made to the WordPress DB schema.