From a23cc5634f11a8e17feff524e576d420c1dbdd40 Mon Sep 17 00:00:00 2001 From: Drew Jaynes Date: Tue, 13 May 2014 07:24:15 +0000 Subject: [PATCH] Properly split and document the `admin_post*` actions into the following four hooks: MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit * `admin_post_nopriv` – for logged-out requests lacking a supplied action * `admin_post_nopriv_$action – for logged-out requests with a supplied action * `admin_post` – for logged-in requests lacking a supplied action * `admin_post_$action` – for logged-in requests with a supplied action See [28349], [28350], [28351]. See #26869. Built from https://develop.svn.wordpress.org/trunk@28394 git-svn-id: http://core.svn.wordpress.org/trunk@28222 1a063a9b-81f0-0310-95a4-ce76da25c4cd --- wp-admin/admin-post.php | 67 ++++++++++++++++++++++++----------------- 1 file changed, 40 insertions(+), 27 deletions(-) diff --git a/wp-admin/admin-post.php b/wp-admin/admin-post.php index 6c290c66b4..221fc8c2e3 100644 --- a/wp-admin/admin-post.php +++ b/wp-admin/admin-post.php @@ -26,31 +26,44 @@ nocache_headers(); /** This action is documented in wp-admin/admin.php */ do_action( 'admin_init' ); -$action = ''; +$action = empty( $_REQUEST['action'] ) ? '' : $_REQUEST['action']; -if ( !wp_validate_auth_cookie() ) - $action .= '_nopriv'; - -if ( !empty($_REQUEST['action']) ) - $action .= '_' . $_REQUEST['action']; - -/** - * Fires the requested handler action. - * - * The dynamic portion of the hook name, $action, refers to a combination - * of whether the user is logged-in or not, and the requested handler action. - * - * If the user is logged-out, '_nopriv' will be affixed to the - * base "admin_post" hook name. If a handler action was passed, that action - * will also be affixed. - * - * For example: - * Hook combinations fired for logged-out users: - * `admin_post_nopriv_{$action}` and `admin_post_nopriv` (no action supplied). - * - * Hook combinations fired for logged-in users: - * `admin_post_{$action}` and `admin_post` (no action supplied). - * - * @since 2.6.0 - */ -do_action( "admin_post{$action}" ); +if ( ! wp_validate_auth_cookie() ) { + if ( empty( $action ) ) { + /** + * Fires on a non-authenticated admin post request where no action was supplied. + * + * @since 2.6.0 + */ + do_action( 'admin_post_nopriv' ); + } else { + /** + * Fires on a non-authenticated admin post request for the given action. + * + * The dynamic portion of the hook name, $action, refers to the given + * request action. + * + * @since 2.6.0 + */ + do_action( "admin_post_nopriv_{$action}" ); + } +} else { + if ( empty( $action ) ) { + /** + * Fires on an authenticated admin post request where no action was supplied. + * + * @since 2.6.0 + */ + do_action( 'admin_post' ); + } else { + /** + * Fires on an authenticated admin post request for the given action. + * + * The dynamic portion of the hook name, $action, refers to the given + * request action. + * + * @since 2.6.0 + */ + do_action( "admin_post_{$action}" ); + } +}