mirror of
https://github.com/WordPress/WordPress.git
synced 2024-12-23 09:37:42 +01:00
2faf449f51
Also includes some changes to move hook docs to directly precede hook lines. This is necessary to prevent DocBlock-matching confusion when core is parsed. Affects DocBlocks for the following hooks: * `wp_ajax_ . $_REQUEST['action']` * `wp_ajax_nopriv_ . $_REQUEST['action']` * `admin_footer- . $GLOBALS['hook_suffix']` * `admin_head-$hook_suffix` * `admin_post_nopriv_{$action}` * `admin_post_{$action}` * `load- . $page_hook` * `load- . $plugin_page` * `load-importer- . $importer` * `load- . $pagenow` * `admin_action_ . $_REQUEST['action']` * `async_upload_{$type}` * `add_meta_boxes_ . $post_type` * `{$taxonomy}_pre_edit_form` * `{$taxonomy}_term_edit_form_tag` * `{$taxonomy}_edit_form_fields` * `{$taxonomy}_edit_form` * `after-{$taxonomy}-table` * `{$taxonomy}_pre_add_form` * `{$taxonomy}_term_new_form_tag` * `{$taxonomy}_add_form_fields` * `{$taxonomy}_add_form` * `media_upload_$type` * `media_upload_$tab` * `install_plugins_pre_$tab` * `install_plugins_$tab` * `install_themes_pre_{$tab}` * `install_themes_{$tab}` * `update-core-custom_{$action}` * `update-custom_{$action}` * `user_{$name}_label` See #30552. Built from https://develop.svn.wordpress.org/trunk@30649 git-svn-id: http://core.svn.wordpress.org/trunk@30639 1a063a9b-81f0-0310-95a4-ce76da25c4cd
99 lines
3.3 KiB
PHP
99 lines
3.3 KiB
PHP
<?php
|
|
/**
|
|
* WordPress AJAX Process Execution.
|
|
*
|
|
* @package WordPress
|
|
* @subpackage Administration
|
|
*
|
|
* @link http://codex.wordpress.org/AJAX_in_Plugins
|
|
*/
|
|
|
|
/**
|
|
* Executing AJAX process.
|
|
*
|
|
* @since 2.1.0
|
|
*/
|
|
define( 'DOING_AJAX', true );
|
|
if ( ! defined( 'WP_ADMIN' ) ) {
|
|
define( 'WP_ADMIN', true );
|
|
}
|
|
|
|
/** Load WordPress Bootstrap */
|
|
require_once( dirname( dirname( __FILE__ ) ) . '/wp-load.php' );
|
|
|
|
/** Allow for cross-domain requests (from the frontend). */
|
|
send_origin_headers();
|
|
|
|
// Require an action parameter
|
|
if ( empty( $_REQUEST['action'] ) )
|
|
die( '0' );
|
|
|
|
/** Load WordPress Administration APIs */
|
|
require_once( ABSPATH . 'wp-admin/includes/admin.php' );
|
|
|
|
/** Load Ajax Handlers for WordPress Core */
|
|
require_once( ABSPATH . 'wp-admin/includes/ajax-actions.php' );
|
|
|
|
@header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) );
|
|
@header( 'X-Robots-Tag: noindex' );
|
|
|
|
send_nosniff_header();
|
|
nocache_headers();
|
|
|
|
/** This action is documented in wp-admin/admin.php */
|
|
do_action( 'admin_init' );
|
|
|
|
$core_actions_get = array(
|
|
'fetch-list', 'ajax-tag-search', 'wp-compression-test', 'imgedit-preview', 'oembed-cache',
|
|
'autocomplete-user', 'dashboard-widgets', 'logged-in',
|
|
);
|
|
|
|
$core_actions_post = array(
|
|
'oembed-cache', 'image-editor', 'delete-comment', 'delete-tag', 'delete-link',
|
|
'delete-meta', 'delete-post', 'trash-post', 'untrash-post', 'delete-page', 'dim-comment',
|
|
'add-link-category', 'add-tag', 'get-tagcloud', 'get-comments', 'replyto-comment',
|
|
'edit-comment', 'add-menu-item', 'add-meta', 'add-user', 'closed-postboxes',
|
|
'hidden-columns', 'update-welcome-panel', 'menu-get-metabox', 'wp-link-ajax',
|
|
'menu-locations-save', 'menu-quick-search', 'meta-box-order', 'get-permalink',
|
|
'sample-permalink', 'inline-save', 'inline-save-tax', 'find_posts', 'widgets-order',
|
|
'save-widget', 'set-post-thumbnail', 'date_format', 'time_format', 'wp-fullscreen-save-post',
|
|
'wp-remove-post-lock', 'dismiss-wp-pointer', 'upload-attachment', 'get-attachment',
|
|
'query-attachments', 'save-attachment', 'save-attachment-compat', 'send-link-to-editor',
|
|
'send-attachment-to-editor', 'save-attachment-order', 'heartbeat', 'get-revision-diffs',
|
|
'save-user-color-scheme', 'update-widget', 'query-themes', 'parse-embed', 'set-attachment-thumbnail',
|
|
'parse-media-shortcode', 'destroy-sessions'
|
|
);
|
|
|
|
// Register core Ajax calls.
|
|
if ( ! empty( $_GET['action'] ) && in_array( $_GET['action'], $core_actions_get ) )
|
|
add_action( 'wp_ajax_' . $_GET['action'], 'wp_ajax_' . str_replace( '-', '_', $_GET['action'] ), 1 );
|
|
|
|
if ( ! empty( $_POST['action'] ) && in_array( $_POST['action'], $core_actions_post ) )
|
|
add_action( 'wp_ajax_' . $_POST['action'], 'wp_ajax_' . str_replace( '-', '_', $_POST['action'] ), 1 );
|
|
|
|
add_action( 'wp_ajax_nopriv_heartbeat', 'wp_ajax_nopriv_heartbeat', 1 );
|
|
|
|
if ( is_user_logged_in() ) {
|
|
/**
|
|
* Fires authenticated AJAX actions for logged-in users.
|
|
*
|
|
* The dynamic portion of the hook name, `$_REQUEST['action']`,
|
|
* refers to the name of the AJAX action callback being fired.
|
|
*
|
|
* @since 2.1.0
|
|
*/
|
|
do_action( 'wp_ajax_' . $_REQUEST['action'] );
|
|
} else {
|
|
/**
|
|
* Fires non-authenticated AJAX actions for logged-out users.
|
|
*
|
|
* The dynamic portion of the hook name, `$_REQUEST['action']`,
|
|
* refers to the name of the AJAX action callback being fired.
|
|
*
|
|
* @since 2.8.0
|
|
*/
|
|
do_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] );
|
|
}
|
|
// Default status
|
|
die( '0' );
|