
/wp-admin/ -> admin-ajax.php (source)

   1  <?php
   2  /**
   3   * WordPress Ajax Process Execution
   4   *
   5   * @package WordPress
   6   * @subpackage Administration
   7   *
   8   * @link https://developer.wordpress.org/plugins/javascript/ajax
   9   */
  10  
  11  /**
  12   * Executing Ajax process.
  13   *
       * Flags the request as an Ajax request and, unless WP_ADMIN is already
       * defined, as an admin-context request. Both constants are set for every
       * request to this file, before the login state is looked at further down,
       * so logged-out requests carry them too. Code that treats the admin
       * context (for example an is_admin() test) as proof of an authenticated
       * administrator is therefore wrong on this endpoint.
       *
  14   * @since 2.1.0
  15   */
  16  define( 'DOING_AJAX', true );
  17  if ( ! defined( 'WP_ADMIN' ) ) {
  18      define( 'WP_ADMIN', true );
  19  }
  20  
  21  /** Load WordPress Bootstrap */
  22  require_once dirname( __DIR__ ) . '/wp-load.php';
  23  
  24  /** Allow for cross-domain requests (from the front end). */
      // NOTE(review): which origins are accepted is decided inside
      // send_origin_headers(), not in this file. Review that policy before
      // relying on this endpoint being same-origin only.
  25  send_origin_headers();
  26  
      // The default response type is HTML in the site charset. A handler that
      // returns JSON has to send its own Content-Type; until it does, anything it
      // echoes back from the request is interpreted as HTML, so handler output
      // must be escaped for that context.
  27  header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) );
  28  header( 'X-Robots-Tag: noindex' );
  29  
  30  // Require a valid action parameter.
      // empty() rejects a missing or empty value (and the string '0'); is_scalar()
      // rejects array input, so the value interpolated into hook names further
      // down is always a single scalar. Failure ends the request with body '0'
      // and HTTP status 400 before any admin code is loaded.
  31  if ( empty( $_REQUEST['action'] ) || ! is_scalar( $_REQUEST['action'] ) ) {
  32      wp_die( '0', 400 );
  33  }
  34  
  35  /** Load WordPress Administration APIs */
  36  require_once  ABSPATH . 'wp-admin/includes/admin.php';
  37  
  38  /** Load Ajax Handlers for WordPress Core */
  39  require_once  ABSPATH . 'wp-admin/includes/ajax-actions.php';
  40  
      // Response hardening sent before any handler output: judging by the helper
      // names, a "nosniff" content-type header and cache-prevention headers.
      // NOTE(review): the exact header values are set inside these helpers.
  41  send_nosniff_header();
  42  nocache_headers();
  43  
  44  /** This action is documented in wp-admin/admin.php */
      // admin_init fires here, before the is_user_logged_in() branch further down,
      // so every callback hooked on it also runs for logged-out requests to this
      // file. A callback that changes state must verify capability and nonce
      // itself and must not assume an authenticated admin user.
  45  do_action( 'admin_init' );
  46  
  47  $core_actions_get = array(
          // Allowlist of core Ajax action names that may be registered from
          // $_GET['action']. The registration code further down compares against
          // this list with a strict in_array() and attaches the handler to the
          // authenticated wp_ajax_ hook only.
  48      'fetch-list',
  49      'ajax-tag-search',
  50      'wp-compression-test',
  51      'imgedit-preview',
  52      'oembed-cache',
  53      'autocomplete-user',
  54      'dashboard-widgets',
  55      'logged-in',
  56      'rest-nonce',
  57  );
  58  
  59  $core_actions_post = array(
          // Allowlist of core Ajax action names that may be registered from
          // $_POST['action']. Many of these names denote state-changing operations
          // (delete-*, install-plugin, edit-theme-plugin-file, ...); this list only
          // decides which handler gets attached. Nothing in this file checks
          // capabilities or nonces for them, so that check has to live in each
          // handler.
          // NOTE(review): 'activate-plugin' is listed twice below, and
          // 'oembed-cache' also appears in the GET list. Both are harmless for the
          // in_array() lookup.
  60      'oembed-cache',
  61      'image-editor',
  62      'delete-comment',
  63      'delete-tag',
  64      'delete-link',
  65      'delete-meta',
  66      'delete-post',
  67      'trash-post',
  68      'untrash-post',
  69      'delete-page',
  70      'dim-comment',
  71      'add-link-category',
  72      'add-tag',
  73      'get-tagcloud',
  74      'get-comments',
  75      'replyto-comment',
  76      'edit-comment',
  77      'add-menu-item',
  78      'add-meta',
  79      'add-user',
  80      'closed-postboxes',
  81      'hidden-columns',
  82      'update-welcome-panel',
  83      'menu-get-metabox',
  84      'wp-link-ajax',
  85      'menu-locations-save',
  86      'menu-quick-search',
  87      'meta-box-order',
  88      'get-permalink',
  89      'sample-permalink',
  90      'inline-save',
  91      'inline-save-tax',
  92      'find_posts',
  93      'widgets-order',
  94      'save-widget',
  95      'delete-inactive-widgets',
  96      'set-post-thumbnail',
  97      'date_format',
  98      'time_format',
  99      'wp-remove-post-lock',
 100      'dismiss-wp-pointer',
 101      'upload-attachment',
 102      'get-attachment',
 103      'query-attachments',
 104      'save-attachment',
 105      'save-attachment-compat',
 106      'send-link-to-editor',
 107      'send-attachment-to-editor',
 108      'save-attachment-order',
 109      'media-create-image-subsizes',
 110      'heartbeat',
 111      'get-revision-diffs',
 112      'save-user-color-scheme',
 113      'update-widget',
 114      'query-themes',
 115      'parse-embed',
 116      'set-attachment-thumbnail',
 117      'parse-media-shortcode',
 118      'destroy-sessions',
 119      'install-plugin',
 120      'activate-plugin',
 121      'update-plugin',
 122      'crop-image',
 123      'generate-password',
 124      'save-wporg-username',
 125      'delete-plugin',
 126      'search-plugins',
 127      'search-install-plugins',
 128      'activate-plugin',
 129      'update-theme',
 130      'delete-theme',
 131      'install-theme',
 132      'get-post-thumbnail-html',
 133      'get-community-events',
 134      'edit-theme-plugin-file',
 135      'wp-privacy-export-personal-data',
 136      'wp-privacy-erase-personal-data',
 137      'health-check-site-status-result',
 138      'health-check-dotorg-communication',
 139      'health-check-is-in-debug-mode',
 140      'health-check-background-updates',
 141      'health-check-loopback-requests',
 142      'health-check-get-sizes',
 143      'toggle-auto-updates',
 144      'send-password-reset',
 145  );
 146  
 147  // Deprecated.
      // These names stay in the POST allowlist after the merge below, so their
      // handlers remain registrable and reachable by logged-in users. Deprecation
      // here does not disable them.
      // NOTE(review): the four health-check-* names are already in
      // $core_actions_post, so they end up in the merged list twice. This is
      // harmless for the in_array() lookup.
 148  $core_actions_post_deprecated = array(
 149      'wp-fullscreen-save-post',
 150      'press-this-save-post',
 151      'press-this-add-category',
 152      'health-check-dotorg-communication',
 153      'health-check-is-in-debug-mode',
 154      'health-check-background-updates',
 155      'health-check-loopback-requests',
 156  );
 157  
 158  $core_actions_post = array_merge( $core_actions_post, $core_actions_post_deprecated );
 159  
 160  // Register core Ajax calls.
      // A core handler is attached only when the requested name is in the matching
      // allowlist (strict in_array()). The callback name is the action with '-'
      // replaced by '_' and a 'wp_ajax_' prefix; because only allowlisted names
      // reach add_action(), request input cannot select an arbitrary function.
      // Both branches register on the authenticated wp_ajax_ hook, at priority 1.
      // NOTE(review): registration reads $_GET/$_POST while dispatch further down
      // reads $_REQUEST['action']; how $_REQUEST is populated is not visible in
      // this file. Confirm the two cannot disagree.
 161  if ( ! empty( $_GET['action'] ) && in_array( $_GET['action'], $core_actions_get, true ) ) {
 162      add_action( 'wp_ajax_' . $_GET['action'], 'wp_ajax_' . str_replace( '-', '_', $_GET['action'] ), 1 );
 163  }
 164  
 165  if ( ! empty( $_POST['action'] ) && in_array( $_POST['action'], $core_actions_post, true ) ) {
 166      add_action( 'wp_ajax_' . $_POST['action'], 'wp_ajax_' . str_replace( '-', '_', $_POST['action'] ), 1 );
 167  }
 168  
      // These two are the only handlers this file attaches to the logged-out
      // (wp_ajax_nopriv_) hooks. Any other nopriv handler is registered elsewhere,
      // and every nopriv handler is reachable without authentication.
 169  add_action( 'wp_ajax_nopriv_generate-password', 'wp_ajax_nopriv_generate_password' );
 170  
 171  add_action( 'wp_ajax_nopriv_heartbeat', 'wp_ajax_nopriv_heartbeat', 1 );
 172  
 173  // Register Plugin Dependencies Ajax calls.
      // Attached to the authenticated hook only, unconditionally rather than via
      // the allowlists above. NOTE(review): whether the callback verifies a nonce
      // and a capability is decided inside WP_Plugin_Dependencies, not here.
 174  add_action( 'wp_ajax_check_plugin_dependencies', array( 'WP_Plugin_Dependencies', 'check_plugin_dependencies_during_ajax' ) );
 175  
 176  $action = $_REQUEST['action'];
 177  
      // $action was validated above as a non-empty scalar; it is interpolated into
      // the hook name as-is. is_user_logged_in() only selects which hook family
      // fires. This file verifies no nonce and no capability, so every callback on
      // wp_ajax_{$action} is reachable by any logged-in user regardless of role,
      // and every callback on wp_ajax_nopriv_{$action} by anonymous visitors.
      // Each handler has to perform its own checks (for example
      // check_ajax_referer() and current_user_can()).
 178  if ( is_user_logged_in() ) {
 179      // If no action is registered, return a Bad Request response.
 180      if ( ! has_action( "wp_ajax_{$action}" ) ) {
 181          wp_die( '0', 400 );
 182      }
 183  
 184      /**
 185       * Fires authenticated Ajax actions for logged-in users.
 186       *
 187       * The dynamic portion of the hook name, `$action`, refers
 188       * to the name of the Ajax action callback being fired.
 189       *
 190       * @since 2.1.0
 191       */
 192      do_action( "wp_ajax_{$action}" );
 193  } else {
 194      // If no action is registered, return a Bad Request response.
 195      if ( ! has_action( "wp_ajax_nopriv_{$action}" ) ) {
 196          wp_die( '0', 400 );
 197      }
 198  
 199      /**
 200       * Fires non-authenticated Ajax actions for logged-out users.
 201       *
 202       * The dynamic portion of the hook name, `$action`, refers
 203       * to the name of the Ajax action callback being fired.
 204       *
 205       * @since 2.8.0
 206       */
 207      do_action( "wp_ajax_nopriv_{$action}" );
 208  }
 209  
 210  // Default status.
      // Reached only when the fired callbacks return without ending the request
      // themselves; the response body is then '0'.
 211  wp_die( '0' );


Generated : Sat Nov 23 08:20:01 2024 Cross-referenced by PHPXref