diff --git a/src/wp-admin/includes/ajax-actions.php b/src/wp-admin/includes/ajax-actions.php
index 9751bc5bef..5991d6cc72 100644
--- a/src/wp-admin/includes/ajax-actions.php
+++ b/src/wp-admin/includes/ajax-actions.php
@@ -3781,19 +3781,22 @@ function wp_ajax_delete_plugin() {
*
* @since 4.6.0
*
- * @global WP_List_Table $wp_list_table Current list table instance.
- * @global string $hook_suffix Current admin page.
- * @global string $s Search term.
+ * @global string $s Search term.
*/
function wp_ajax_search_plugins() {
check_ajax_referer( 'updates' );
- global $wp_list_table, $hook_suffix, $s;
- $hook_suffix = 'plugins.php';
+ $pagenow = isset( $_POST['pagenow'] ) ? sanitize_key( $_POST['pagenow'] ) : '';
+ if ( 'plugins-network' === $pagenow || 'plugins' === $pagenow ) {
+ set_current_screen( $pagenow );
+ }
/** @var WP_Plugins_List_Table $wp_list_table */
- $wp_list_table = _get_list_table( 'WP_Plugins_List_Table' );
- $status = array();
+ $wp_list_table = _get_list_table( 'WP_Plugins_List_Table', array(
+ 'screen' => get_current_screen(),
+ ) );
+
+ $status = array();
if ( ! $wp_list_table->ajax_user_can() ) {
$status['errorMessage'] = __( 'Sorry, you are not allowed to manage plugins for this site.' );
@@ -3806,7 +3809,7 @@ function wp_ajax_search_plugins() {
'action' => null,
) ), network_admin_url( 'plugins.php', 'relative' ) );
- $s = sanitize_text_field( $_POST['s'] );
+ $GLOBALS['s'] = wp_unslash( $_POST['s'] );
$wp_list_table->prepare_items();
@@ -3822,19 +3825,21 @@ function wp_ajax_search_plugins() {
* Ajax handler for searching plugins to install.
*
* @since 4.6.0
- *
- * @global WP_List_Table $wp_list_table Current list table instance.
- * @global string $hook_suffix Current admin page.
*/
function wp_ajax_search_install_plugins() {
check_ajax_referer( 'updates' );
- global $wp_list_table, $hook_suffix;
- $hook_suffix = 'plugin-install.php';
+ $pagenow = isset( $_POST['pagenow'] ) ? sanitize_key( $_POST['pagenow'] ) : '';
+ if ( 'plugin-install-network' === $pagenow || 'plugin-install' === $pagenow ) {
+ set_current_screen( $pagenow );
+ }
/** @var WP_Plugin_Install_List_Table $wp_list_table */
- $wp_list_table = _get_list_table( 'WP_Plugin_Install_List_Table' );
- $status = array();
+ $wp_list_table = _get_list_table( 'WP_Plugin_Install_List_Table', array(
+ 'screen' => get_current_screen(),
+ ) );
+
+ $status = array();
if ( ! $wp_list_table->ajax_user_can() ) {
$status['errorMessage'] = __( 'Sorry, you are not allowed to manage plugins for this site.' );
diff --git a/src/wp-admin/js/updates.js b/src/wp-admin/js/updates.js
index 8107426a50..74b40fb197 100644
--- a/src/wp-admin/js/updates.js
+++ b/src/wp-admin/js/updates.js
@@ -2031,9 +2031,10 @@
var $form = $( '#plugin-filter' ).empty(),
data = _.extend( {
_ajax_nonce: wp.updates.ajaxNonce,
- s: $( '' ).html( $( this ).val() ).text(),
+ s: $( this ).val(),
tab: 'search',
- type: $( '#typeselector' ).val()
+ type: $( '#typeselector' ).val(),
+ pagenow: pagenow
}, { type: 'term' } );
if ( wp.updates.searchTerm === data.s ) {
@@ -2043,7 +2044,7 @@
}
if ( history.pushState ) {
- history.pushState( null, '', location.href.split( '?' )[ 0 ] + '?' + $.param( _.omit( data, '_ajax_nonce' ) ) );
+ history.pushState( null, '', location.href.split( '?' )[ 0 ] + '?' + $.param( _.omit( data, [ '_ajax_nonce', 'pagenow' ] ) ) );
}
if ( 'undefined' !== typeof wp.updates.searchRequest ) {
@@ -2071,7 +2072,8 @@
$pluginSearch.on( 'keyup input', _.debounce( function( event ) {
var data = {
_ajax_nonce: wp.updates.ajaxNonce,
- s: event.target.value
+ s: event.target.value,
+ pagenow: pagenow
};
// Clear on escape.
@@ -2099,7 +2101,7 @@
wp.updates.searchRequest = wp.ajax.post( 'search-plugins', data ).done( function( response ) {
// Can we just ditch this whole subtitle business?
- var $subTitle = $( '' ).addClass( 'subtitle' ).html( wp.updates.l10n.searchResults.replace( '%s', data.s ) ),
+ var $subTitle = $( '' ).addClass( 'subtitle' ).html( wp.updates.l10n.searchResults.replace( '%s', _.escape( data.s ) ) ),
$oldSubTitle = $( '.wrap .subtitle' );
if ( ! data.s.length ) {