mirror of
https://github.com/WordPress/WordPress.git
synced 2024-11-08 03:40:20 +01:00
8c82515ab6
Gone are the days of isolation and feelings of "meh", brought on by The Bleak Screen of Sadness. For a shiny knight has arrived to usher our plugins and themes along their arduous journey of installation, updates, and the inevitable fate of ultimate deletion. Props swissspidy, adamsilverstein, mapk, afragen, ocean90, ryelle, j-falk, michael-arestad, melchoyce, DrewAPicture, AdamSoucie, ethitter, pento, dd32, kraftbj, Ipstenu, jorbin, afercia, stephdau, paulwilde, jipmoors, khag7, svovaf, jipmoors, obenland. Fixes #22029, #25828, #31002, #31529, #31530, #31773, #33637, #35032. Built from https://develop.svn.wordpress.org/trunk@37714 git-svn-id: http://core.svn.wordpress.org/trunk@37680 1a063a9b-81f0-0310-95a4-ce76da25c4cd
105 lines
3.7 KiB
PHP
105 lines
3.7 KiB
PHP
<?php
|
|
/**
|
|
* WordPress AJAX Process Execution.
|
|
*
|
|
* @package WordPress
|
|
* @subpackage Administration
|
|
*
|
|
* @link https://codex.wordpress.org/AJAX_in_Plugins
|
|
*/
|
|
|
|
/**
|
|
* Executing AJAX process.
|
|
*
|
|
* @since 2.1.0
|
|
*/
|
|
define( 'DOING_AJAX', true );
|
|
if ( ! defined( 'WP_ADMIN' ) ) {
|
|
define( 'WP_ADMIN', true );
|
|
}
|
|
|
|
/** Load WordPress Bootstrap */
|
|
require_once( dirname( dirname( __FILE__ ) ) . '/wp-load.php' );
|
|
|
|
/** Allow for cross-domain requests (from the front end). */
|
|
send_origin_headers();
|
|
|
|
// Require an action parameter
|
|
if ( empty( $_REQUEST['action'] ) )
|
|
die( '0' );
|
|
|
|
/** Load WordPress Administration APIs */
|
|
require_once( ABSPATH . 'wp-admin/includes/admin.php' );
|
|
|
|
/** Load Ajax Handlers for WordPress Core */
|
|
require_once( ABSPATH . 'wp-admin/includes/ajax-actions.php' );
|
|
|
|
@header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) );
|
|
@header( 'X-Robots-Tag: noindex' );
|
|
|
|
send_nosniff_header();
|
|
nocache_headers();
|
|
|
|
/** This action is documented in wp-admin/admin.php */
|
|
do_action( 'admin_init' );
|
|
|
|
$core_actions_get = array(
|
|
'fetch-list', 'ajax-tag-search', 'wp-compression-test', 'imgedit-preview', 'oembed-cache',
|
|
'autocomplete-user', 'dashboard-widgets', 'logged-in',
|
|
);
|
|
|
|
$core_actions_post = array(
|
|
'oembed-cache', 'image-editor', 'delete-comment', 'delete-tag', 'delete-link',
|
|
'delete-meta', 'delete-post', 'trash-post', 'untrash-post', 'delete-page', 'dim-comment',
|
|
'add-link-category', 'add-tag', 'get-tagcloud', 'get-comments', 'replyto-comment',
|
|
'edit-comment', 'add-menu-item', 'add-meta', 'add-user', 'closed-postboxes',
|
|
'hidden-columns', 'update-welcome-panel', 'menu-get-metabox', 'wp-link-ajax',
|
|
'menu-locations-save', 'menu-quick-search', 'meta-box-order', 'get-permalink',
|
|
'sample-permalink', 'inline-save', 'inline-save-tax', 'find_posts', 'widgets-order',
|
|
'save-widget', 'delete-inactive-widgets', 'set-post-thumbnail', 'date_format', 'time_format',
|
|
'wp-remove-post-lock', 'dismiss-wp-pointer', 'upload-attachment', 'get-attachment',
|
|
'query-attachments', 'save-attachment', 'save-attachment-compat', 'send-link-to-editor',
|
|
'send-attachment-to-editor', 'save-attachment-order', 'heartbeat', 'get-revision-diffs',
|
|
'save-user-color-scheme', 'update-widget', 'query-themes', 'parse-embed', 'set-attachment-thumbnail',
|
|
'parse-media-shortcode', 'destroy-sessions', 'install-plugin', 'update-plugin', 'press-this-save-post',
|
|
'press-this-add-category', 'crop-image', 'generate-password', 'save-wporg-username', 'delete-plugin',
|
|
'search-plugins', 'search-install-plugins', 'activate-plugin', 'update-theme', 'delete-theme',
|
|
'install-theme',
|
|
);
|
|
|
|
// Deprecated
|
|
$core_actions_post[] = 'wp-fullscreen-save-post';
|
|
|
|
// Register core Ajax calls.
|
|
if ( ! empty( $_GET['action'] ) && in_array( $_GET['action'], $core_actions_get ) )
|
|
add_action( 'wp_ajax_' . $_GET['action'], 'wp_ajax_' . str_replace( '-', '_', $_GET['action'] ), 1 );
|
|
|
|
if ( ! empty( $_POST['action'] ) && in_array( $_POST['action'], $core_actions_post ) )
|
|
add_action( 'wp_ajax_' . $_POST['action'], 'wp_ajax_' . str_replace( '-', '_', $_POST['action'] ), 1 );
|
|
|
|
add_action( 'wp_ajax_nopriv_heartbeat', 'wp_ajax_nopriv_heartbeat', 1 );
|
|
|
|
if ( is_user_logged_in() ) {
|
|
/**
|
|
* Fires authenticated AJAX actions for logged-in users.
|
|
*
|
|
* The dynamic portion of the hook name, `$_REQUEST['action']`,
|
|
* refers to the name of the AJAX action callback being fired.
|
|
*
|
|
* @since 2.1.0
|
|
*/
|
|
do_action( 'wp_ajax_' . $_REQUEST['action'] );
|
|
} else {
|
|
/**
|
|
* Fires non-authenticated AJAX actions for logged-out users.
|
|
*
|
|
* The dynamic portion of the hook name, `$_REQUEST['action']`,
|
|
* refers to the name of the AJAX action callback being fired.
|
|
*
|
|
* @since 2.8.0
|
|
*/
|
|
do_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] );
|
|
}
|
|
// Default status
|
|
die( '0' );
|