PHP Cross Reference - WordPress - Source: /wp-admin/admin-ajax.php

Source: /wp-admin/admin-ajax.php - 77 lines - 2755 bytes - Summary - Text - Print

Description: WordPress AJAX Process Execution.
   1  <?php
   2  /**
   3   * WordPress AJAX Process Execution.
   4   *
   5   * @package WordPress
   6   * @subpackage Administration
   7   *
   8   * @link http://codex.wordpress.org/AJAX_in_Plugins
   9   */
  10  
  11  /**
  12   * Executing AJAX process.
  13   *
  14   * @since 2.1.0
  15   */
  16  define( 'DOING_AJAX', true );
  17  define( 'WP_ADMIN', true );
  18  
  19  /** Load WordPress Bootstrap */
  20  require_once( dirname( dirname( __FILE__ ) ) . '/wp-load.php' );
  21  
  22  /** Allow for cross-domain requests (from the frontend). */
  23  send_origin_headers();
  24  
  25  // Require an action parameter
  26  if ( empty( $_REQUEST['action'] ) )
  27      die( '0' );
  28  
  29  /** Load WordPress Administration APIs */
  30  require_once ( ABSPATH . 'wp-admin/includes/admin.php' );
  31  
  32  /** Load Ajax Handlers for WordPress Core */
  33  require_once ( ABSPATH . 'wp-admin/includes/ajax-actions.php' );
  34  
  35  @header( 'Content-Type: text/html; charset=' . get_option( 'blog_charset' ) );
  36  @header( 'X-Robots-Tag: noindex' );
  37  
  38  send_nosniff_header();
  39  nocache_headers();
  40  
  41  do_action( 'admin_init' );
  42  
  43  $core_actions_get = array(
  44      'fetch-list', 'ajax-tag-search', 'wp-compression-test', 'imgedit-preview', 'oembed-cache',
  45      'autocomplete-user', 'dashboard-widgets', 'logged-in',
  46  );
  47  
  48  $core_actions_post = array(
  49      'oembed-cache', 'image-editor', 'delete-comment', 'delete-tag', 'delete-link',
  50      'delete-meta', 'delete-post', 'trash-post', 'untrash-post', 'delete-page', 'dim-comment',
  51      'add-link-category', 'add-tag', 'get-tagcloud', 'get-comments', 'replyto-comment',
  52      'edit-comment', 'add-menu-item', 'add-meta', 'add-user', 'autosave', 'closed-postboxes',
  53      'hidden-columns', 'update-welcome-panel', 'menu-get-metabox', 'wp-link-ajax',
  54      'menu-locations-save', 'menu-quick-search', 'meta-box-order', 'get-permalink',
  55      'sample-permalink', 'inline-save', 'inline-save-tax', 'find_posts', 'widgets-order',
  56      'save-widget', 'set-post-thumbnail', 'date_format', 'time_format', 'wp-fullscreen-save-post',
  57      'wp-remove-post-lock', 'dismiss-wp-pointer', 'upload-attachment', 'get-attachment',
  58      'query-attachments', 'save-attachment', 'save-attachment-compat', 'send-link-to-editor',
  59      'send-attachment-to-editor', 'save-attachment-order',
  60  );
  61  
  62  // Register core Ajax calls.
  63  if ( ! empty( $_GET['action'] ) && in_array( $_GET['action'], $core_actions_get ) )
  64      add_action( 'wp_ajax_' . $_GET['action'], 'wp_ajax_' . str_replace( '-', '_', $_GET['action'] ), 1 );
  65  
  66  if ( ! empty( $_POST['action'] ) && in_array( $_POST['action'], $core_actions_post ) )
  67      add_action( 'wp_ajax_' . $_POST['action'], 'wp_ajax_' . str_replace( '-', '_', $_POST['action'] ), 1 );
  68  
  69  add_action( 'wp_ajax_nopriv_autosave', 'wp_ajax_nopriv_autosave', 1 );
  70  
  71  if ( is_user_logged_in() )
  72      do_action( 'wp_ajax_' . $_REQUEST['action'] ); // Authenticated actions
  73  else
  74      do_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] ); // Non-admin actions
  75  
  76  // Default status
  77  die( '0' );