2006-03-29 03:51:55 +02:00
|
|
|
<?php
|
2008-08-11 22:26:31 +02:00
|
|
|
/**
|
2016-07-10 02:50:21 +02:00
|
|
|
* WordPress Ajax Process Execution
|
2008-08-11 22:26:31 +02:00
|
|
|
*
|
|
|
|
* @package WordPress
|
|
|
|
* @subpackage Administration
|
2012-01-23 20:31:15 +01:00
|
|
|
*
|
2015-04-12 23:28:58 +02:00
|
|
|
* @link https://codex.wordpress.org/AJAX_in_Plugins
|
2008-08-11 22:26:31 +02:00
|
|
|
*/
|
|
|
|
|
|
|
|
/**
|
2016-07-10 02:50:21 +02:00
|
|
|
* Executing Ajax process.
|
2008-08-11 22:26:31 +02:00
|
|
|
*
|
2010-09-05 04:45:39 +02:00
|
|
|
* @since 2.1.0
|
2008-08-11 22:26:31 +02:00
|
|
|
*/
|
2012-01-23 20:12:04 +01:00
|
|
|
define( 'DOING_AJAX', true );
|
2014-05-18 22:41:28 +02:00
|
|
|
if ( ! defined( 'WP_ADMIN' ) ) {
|
|
|
|
define( 'WP_ADMIN', true );
|
|
|
|
}
|
2008-01-05 00:34:33 +01:00
|
|
|
|
2012-09-25 17:55:32 +02:00
|
|
|
/** Load WordPress Bootstrap */
|
|
|
|
require_once( dirname( dirname( __FILE__ ) ) . '/wp-load.php' );
|
|
|
|
|
2016-02-25 13:52:33 +01:00
|
|
|
/** Allow for cross-domain requests (from the front end). */
|
2012-09-25 17:55:32 +02:00
|
|
|
send_origin_headers();
|
|
|
|
|
2012-01-23 20:12:04 +01:00
|
|
|
// Require an action parameter
|
|
|
|
if ( empty( $_REQUEST['action'] ) )
|
2017-07-23 02:20:37 +02:00
|
|
|
wp_die( '0', 400 );
|
2010-02-17 13:26:47 +01:00
|
|
|
|
2012-01-23 20:31:15 +01:00
|
|
|
/** Load WordPress Administration APIs */
|
|
|
|
require_once( ABSPATH . 'wp-admin/includes/admin.php' );
|
|
|
|
|
|
|
|
/** Load Ajax Handlers for WordPress Core */
|
|
|
|
require_once( ABSPATH . 'wp-admin/includes/ajax-actions.php' );
|
2010-05-03 22:26:11 +02:00
|
|
|
|
2012-01-23 20:12:04 +01:00
|
|
|
@header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) );
|
2012-03-25 14:53:17 +02:00
|
|
|
@header( 'X-Robots-Tag: noindex' );
|
|
|
|
|
2012-01-23 20:12:04 +01:00
|
|
|
send_nosniff_header();
|
2012-11-27 17:17:53 +01:00
|
|
|
nocache_headers();
|
2011-09-27 22:52:07 +02:00
|
|
|
|
2013-10-22 19:21:32 +02:00
|
|
|
/** This action is documented in wp-admin/admin.php */
|
2012-01-23 20:12:04 +01:00
|
|
|
do_action( 'admin_init' );
|
2011-09-27 22:52:07 +02:00
|
|
|
|
2012-03-15 14:20:00 +01:00
|
|
|
$core_actions_get = array(
|
|
|
|
'fetch-list', 'ajax-tag-search', 'wp-compression-test', 'imgedit-preview', 'oembed-cache',
|
2013-06-26 23:06:50 +02:00
|
|
|
'autocomplete-user', 'dashboard-widgets', 'logged-in',
|
2012-03-15 14:20:00 +01:00
|
|
|
);
|
2011-09-27 22:52:07 +02:00
|
|
|
|
2012-01-23 20:12:04 +01:00
|
|
|
$core_actions_post = array(
|
2012-02-14 11:01:00 +01:00
|
|
|
'oembed-cache', 'image-editor', 'delete-comment', 'delete-tag', 'delete-link',
|
2012-01-23 20:12:04 +01:00
|
|
|
'delete-meta', 'delete-post', 'trash-post', 'untrash-post', 'delete-page', 'dim-comment',
|
|
|
|
'add-link-category', 'add-tag', 'get-tagcloud', 'get-comments', 'replyto-comment',
|
2014-01-22 05:55:37 +01:00
|
|
|
'edit-comment', 'add-menu-item', 'add-meta', 'add-user', 'closed-postboxes',
|
2012-01-23 20:12:04 +01:00
|
|
|
'hidden-columns', 'update-welcome-panel', 'menu-get-metabox', 'wp-link-ajax',
|
|
|
|
'menu-locations-save', 'menu-quick-search', 'meta-box-order', 'get-permalink',
|
|
|
|
'sample-permalink', 'inline-save', 'inline-save-tax', 'find_posts', 'widgets-order',
|
2015-10-21 07:22:52 +02:00
|
|
|
'save-widget', 'delete-inactive-widgets', 'set-post-thumbnail', 'date_format', 'time_format',
|
2012-10-11 01:32:48 +02:00
|
|
|
'wp-remove-post-lock', 'dismiss-wp-pointer', 'upload-attachment', 'get-attachment',
|
2012-11-21 17:02:20 +01:00
|
|
|
'query-attachments', 'save-attachment', 'save-attachment-compat', 'send-link-to-editor',
|
2013-06-26 23:06:50 +02:00
|
|
|
'send-attachment-to-editor', 'save-attachment-order', 'heartbeat', 'get-revision-diffs',
|
2014-07-16 00:07:16 +02:00
|
|
|
'save-user-color-scheme', 'update-widget', 'query-themes', 'parse-embed', 'set-attachment-thumbnail',
|
PressThis v2, first run. Props michael-arestad, stephdau, marcelomazza, DrewAPicture, iseulde, afercia, kraftbj, rachelbaker, AramZS, dd32. See #31373.
git-svn-id: https://develop.svn.wordpress.org/trunk@31534 602fd350-edb4-49c9-b593-d223f7449a82
2015-02-25 02:49:26 +01:00
|
|
|
'parse-media-shortcode', 'destroy-sessions', 'install-plugin', 'update-plugin', 'press-this-save-post',
|
Update/Install: Shiny Updates v2.
Gone are the days of isolation and feelings of "meh", brought on by The Bleak Screen of Sadness. For a shiny knight has arrived to usher our plugins and themes along their arduous journey of installation, updates, and the inevitable fate of ultimate deletion.
Props swissspidy, adamsilverstein, mapk, afragen, ocean90, ryelle, j-falk, michael-arestad, melchoyce, DrewAPicture, AdamSoucie, ethitter, pento, dd32, kraftbj, Ipstenu, jorbin, afercia, stephdau, paulwilde, jipmoors, khag7, svovaf, jipmoors, obenland.
Fixes #22029, #25828, #31002, #31529, #31530, #31773, #33637, #35032.
git-svn-id: https://develop.svn.wordpress.org/trunk@37714 602fd350-edb4-49c9-b593-d223f7449a82
2016-06-15 18:36:07 +02:00
|
|
|
'press-this-add-category', 'crop-image', 'generate-password', 'save-wporg-username', 'delete-plugin',
|
|
|
|
'search-plugins', 'search-install-plugins', 'activate-plugin', 'update-theme', 'delete-theme',
|
Dashboard: Update the existing WordPress News dashboard widget to also include upcoming meetup events and WordCamps near the current user’s location.
Props @afercia, @andreamiddleton, @azaozz, @camikaos, @coreymckrill, @chanthaboune, @courtneypk, @dd32, @iandunn, @iseulde, @mapk, @mayukojpn, @melchoyce, @nao, @obenland, @pento, @samuelsidler, @stephdau, @tellyworth.
See #40702.
git-svn-id: https://develop.svn.wordpress.org/trunk@40607 602fd350-edb4-49c9-b593-d223f7449a82
2017-05-10 22:03:01 +02:00
|
|
|
'install-theme', 'get-post-thumbnail-html', 'get-community-events',
|
2012-01-23 20:12:04 +01:00
|
|
|
);
|
2011-10-11 01:31:36 +02:00
|
|
|
|
2015-06-01 19:37:14 +02:00
|
|
|
// Deprecated
|
|
|
|
$core_actions_post[] = 'wp-fullscreen-save-post';
|
|
|
|
|
2012-01-23 20:31:15 +01:00
|
|
|
// Register core Ajax calls.
|
2012-01-23 20:12:04 +01:00
|
|
|
if ( ! empty( $_GET['action'] ) && in_array( $_GET['action'], $core_actions_get ) )
|
|
|
|
add_action( 'wp_ajax_' . $_GET['action'], 'wp_ajax_' . str_replace( '-', '_', $_GET['action'] ), 1 );
|
2011-10-11 01:31:36 +02:00
|
|
|
|
2012-01-23 20:12:04 +01:00
|
|
|
if ( ! empty( $_POST['action'] ) && in_array( $_POST['action'], $core_actions_post ) )
|
|
|
|
add_action( 'wp_ajax_' . $_POST['action'], 'wp_ajax_' . str_replace( '-', '_', $_POST['action'] ), 1 );
|
2011-10-11 01:31:36 +02:00
|
|
|
|
2013-02-25 03:32:22 +01:00
|
|
|
add_action( 'wp_ajax_nopriv_heartbeat', 'wp_ajax_nopriv_heartbeat', 1 );
|
2011-10-11 01:31:36 +02:00
|
|
|
|
2013-09-21 07:31:09 +02:00
|
|
|
if ( is_user_logged_in() ) {
|
2013-09-21 07:52:06 +02:00
|
|
|
/**
|
2016-07-10 02:50:21 +02:00
|
|
|
* Fires authenticated Ajax actions for logged-in users.
|
2013-09-21 07:31:09 +02:00
|
|
|
*
|
2014-11-30 12:42:00 +01:00
|
|
|
* The dynamic portion of the hook name, `$_REQUEST['action']`,
|
2016-07-10 02:50:21 +02:00
|
|
|
* refers to the name of the Ajax action callback being fired.
|
2013-09-21 07:52:06 +02:00
|
|
|
*
|
|
|
|
* @since 2.1.0
|
|
|
|
*/
|
|
|
|
do_action( 'wp_ajax_' . $_REQUEST['action'] );
|
2013-09-21 07:31:09 +02:00
|
|
|
} else {
|
2013-09-21 07:52:06 +02:00
|
|
|
/**
|
2016-07-10 02:50:21 +02:00
|
|
|
* Fires non-authenticated Ajax actions for logged-out users.
|
2013-09-21 07:31:09 +02:00
|
|
|
*
|
2014-11-30 12:42:00 +01:00
|
|
|
* The dynamic portion of the hook name, `$_REQUEST['action']`,
|
2016-07-10 02:50:21 +02:00
|
|
|
* refers to the name of the Ajax action callback being fired.
|
2013-09-21 07:31:09 +02:00
|
|
|
*
|
2013-09-21 07:52:06 +02:00
|
|
|
* @since 2.8.0
|
|
|
|
*/
|
|
|
|
do_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] );
|
2013-09-21 07:31:09 +02:00
|
|
|
}
|
2012-01-23 20:12:04 +01:00
|
|
|
// Default status
|
2017-07-23 02:20:37 +02:00
|
|
|
wp_die( '0', 400 );
|