mirror of
https://github.com/WordPress/WordPress.git
synced 2025-01-24 17:21:34 +01:00
3dbba0fff3
Previously, changing the post thumbnail of a published post in the edit screen would immediately apply the change, rather than waiting for the post to be saved before applying the update. This could lead to someone unintentionally editing the post thumbnail on a published post, and made it impossible to preview changes to post thumbnails on published posts before saving the change. This introduces a new Ajax handler, `wp_ajax_get_post_thumbnail_html()` to retrieve the HTML for the post thumbnail meta box without updating the post meta value for `_thumbnail_id`. It also allows post thumbnail changes to be previewed by passing the `_thumbnail_id` as a query variable to the preview screen and adding a new filter, `_wp_preview_post_thumbnail_filter()`, which gets applied to `get_post_metadata` during the post preview process. Props flixos90. Fixes #12922. Built from https://develop.svn.wordpress.org/trunk@38118 git-svn-id: http://core.svn.wordpress.org/trunk@38059 1a063a9b-81f0-0310-95a4-ce76da25c4cd
105 lines
3.7 KiB
PHP
105 lines
3.7 KiB
PHP
<?php
|
|
/**
|
|
* WordPress Ajax Process Execution
|
|
*
|
|
* @package WordPress
|
|
* @subpackage Administration
|
|
*
|
|
* @link https://codex.wordpress.org/AJAX_in_Plugins
|
|
*/
|
|
|
|
/**
|
|
* Executing Ajax process.
|
|
*
|
|
* @since 2.1.0
|
|
*/
|
|
define( 'DOING_AJAX', true );
|
|
if ( ! defined( 'WP_ADMIN' ) ) {
|
|
define( 'WP_ADMIN', true );
|
|
}
|
|
|
|
/** Load WordPress Bootstrap */
|
|
require_once( dirname( dirname( __FILE__ ) ) . '/wp-load.php' );
|
|
|
|
/** Allow for cross-domain requests (from the front end). */
|
|
send_origin_headers();
|
|
|
|
// Require an action parameter
|
|
if ( empty( $_REQUEST['action'] ) )
|
|
die( '0' );
|
|
|
|
/** Load WordPress Administration APIs */
|
|
require_once( ABSPATH . 'wp-admin/includes/admin.php' );
|
|
|
|
/** Load Ajax Handlers for WordPress Core */
|
|
require_once( ABSPATH . 'wp-admin/includes/ajax-actions.php' );
|
|
|
|
@header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) );
|
|
@header( 'X-Robots-Tag: noindex' );
|
|
|
|
send_nosniff_header();
|
|
nocache_headers();
|
|
|
|
/** This action is documented in wp-admin/admin.php */
|
|
do_action( 'admin_init' );
|
|
|
|
$core_actions_get = array(
|
|
'fetch-list', 'ajax-tag-search', 'wp-compression-test', 'imgedit-preview', 'oembed-cache',
|
|
'autocomplete-user', 'dashboard-widgets', 'logged-in',
|
|
);
|
|
|
|
$core_actions_post = array(
|
|
'oembed-cache', 'image-editor', 'delete-comment', 'delete-tag', 'delete-link',
|
|
'delete-meta', 'delete-post', 'trash-post', 'untrash-post', 'delete-page', 'dim-comment',
|
|
'add-link-category', 'add-tag', 'get-tagcloud', 'get-comments', 'replyto-comment',
|
|
'edit-comment', 'add-menu-item', 'add-meta', 'add-user', 'closed-postboxes',
|
|
'hidden-columns', 'update-welcome-panel', 'menu-get-metabox', 'wp-link-ajax',
|
|
'menu-locations-save', 'menu-quick-search', 'meta-box-order', 'get-permalink',
|
|
'sample-permalink', 'inline-save', 'inline-save-tax', 'find_posts', 'widgets-order',
|
|
'save-widget', 'delete-inactive-widgets', 'set-post-thumbnail', 'date_format', 'time_format',
|
|
'wp-remove-post-lock', 'dismiss-wp-pointer', 'upload-attachment', 'get-attachment',
|
|
'query-attachments', 'save-attachment', 'save-attachment-compat', 'send-link-to-editor',
|
|
'send-attachment-to-editor', 'save-attachment-order', 'heartbeat', 'get-revision-diffs',
|
|
'save-user-color-scheme', 'update-widget', 'query-themes', 'parse-embed', 'set-attachment-thumbnail',
|
|
'parse-media-shortcode', 'destroy-sessions', 'install-plugin', 'update-plugin', 'press-this-save-post',
|
|
'press-this-add-category', 'crop-image', 'generate-password', 'save-wporg-username', 'delete-plugin',
|
|
'search-plugins', 'search-install-plugins', 'activate-plugin', 'update-theme', 'delete-theme',
|
|
'install-theme', 'test_url', 'get-post-thumbnail-html',
|
|
);
|
|
|
|
// Deprecated
|
|
$core_actions_post[] = 'wp-fullscreen-save-post';
|
|
|
|
// Register core Ajax calls.
|
|
if ( ! empty( $_GET['action'] ) && in_array( $_GET['action'], $core_actions_get ) )
|
|
add_action( 'wp_ajax_' . $_GET['action'], 'wp_ajax_' . str_replace( '-', '_', $_GET['action'] ), 1 );
|
|
|
|
if ( ! empty( $_POST['action'] ) && in_array( $_POST['action'], $core_actions_post ) )
|
|
add_action( 'wp_ajax_' . $_POST['action'], 'wp_ajax_' . str_replace( '-', '_', $_POST['action'] ), 1 );
|
|
|
|
add_action( 'wp_ajax_nopriv_heartbeat', 'wp_ajax_nopriv_heartbeat', 1 );
|
|
|
|
if ( is_user_logged_in() ) {
|
|
/**
|
|
* Fires authenticated Ajax actions for logged-in users.
|
|
*
|
|
* The dynamic portion of the hook name, `$_REQUEST['action']`,
|
|
* refers to the name of the Ajax action callback being fired.
|
|
*
|
|
* @since 2.1.0
|
|
*/
|
|
do_action( 'wp_ajax_' . $_REQUEST['action'] );
|
|
} else {
|
|
/**
|
|
* Fires non-authenticated Ajax actions for logged-out users.
|
|
*
|
|
* The dynamic portion of the hook name, `$_REQUEST['action']`,
|
|
* refers to the name of the Ajax action callback being fired.
|
|
*
|
|
* @since 2.8.0
|
|
*/
|
|
do_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] );
|
|
}
|
|
// Default status
|
|
die( '0' );
|