* @since 3.1.0
*/
function wp_ajax_ajax_tag_search() {
- if ( isset( $_GET['tax'] ) ) {
- $taxonomy = sanitize_key( $_GET['tax'] );
- $tax = get_taxonomy( $taxonomy );
- if ( ! $tax )
- wp_die( 0 );
- if ( ! current_user_can( $tax->cap->assign_terms ) )
- wp_die( -1 );
- } else {
+ if ( ! isset( $_GET['tax'] ) ) {
+ wp_die( 0 );
+ }
+
+ $taxonomy = sanitize_key( $_GET['tax'] );
+ $tax = get_taxonomy( $taxonomy );
+ if ( ! $tax ) {
wp_die( 0 );
}
+ if ( ! current_user_can( $tax->cap->assign_terms ) ) {
+ wp_die( -1 );
+ }
+
$s = wp_unslash( $_GET['q'] );
$comma = _x( ',', 'tag delimiter' );
);
}
- wp_die( json_encode( $return ) );
+ wp_die( wp_json_encode( $return ) );
}
/**
$level = 0;
if ( is_taxonomy_hierarchical($taxonomy) ) {
- $level = count( get_ancestors( $tag->term_id, $taxonomy ) );
+ $level = count( get_ancestors( $tag->term_id, $taxonomy, 'taxonomy' ) );
ob_start();
$wp_list_table->single_row( $tag, $level );
$noparents = ob_get_clean();
* @since 3.1.0
*/
function wp_ajax_get_tagcloud() {
- if ( isset( $_POST['tax'] ) ) {
- $taxonomy = sanitize_key( $_POST['tax'] );
- $tax = get_taxonomy( $taxonomy );
- if ( ! $tax )
- wp_die( 0 );
- if ( ! current_user_can( $tax->cap->assign_terms ) )
- wp_die( -1 );
- } else {
+ if ( ! isset( $_POST['tax'] ) ) {
+ wp_die( 0 );
+ }
+
+ $taxonomy = sanitize_key( $_POST['tax'] );
+ $tax = get_taxonomy( $taxonomy );
+ if ( ! $tax ) {
wp_die( 0 );
}
+
+ if ( ! current_user_can( $tax->cap->assign_terms ) ) {
+ wp_die( -1 );
+ }
$tags = get_terms( $taxonomy, array( 'number' => 45, 'orderby' => 'count', 'order' => 'DESC' ) );
$comment_author = wp_slash( $user->display_name );
$comment_author_email = wp_slash( $user->user_email );
$comment_author_url = wp_slash( $user->user_url );
- $comment_content = trim($_POST['content']);
+ $comment_content = trim( $_POST['content'] );
+ $comment_type = isset( $_POST['comment_type'] ) ? trim( $_POST['comment_type'] ) : '';
if ( current_user_can( 'unfiltered_html' ) ) {
if ( ! isset( $_POST['_wp_unfiltered_html_comment'] ) )
$_POST['_wp_unfiltered_html_comment'] = '';
wp_die( -1 );
if ( isset($_POST['metakeyselect']) && '#NONE#' == $_POST['metakeyselect'] && empty($_POST['metakeyinput']) )
wp_die( 1 );
+
+ // If the post is an autodraft, save the post as a draft and then attempt to save the meta.
if ( $post->post_status == 'auto-draft' ) {
$save_POST = $_POST; // Backup $_POST
$_POST = array(); // Make it empty for edit_post()
$markup = ob_get_clean();
- echo json_encode(array(
+ echo wp_json_encode(array(
'replace-id' => $type . '-' . $item->name,
'markup' => $markup,
));
if ( ! isset( $results ) )
wp_die( 0 );
- echo json_encode( $results );
+ echo wp_json_encode( $results );
echo "\n";
wp_die();
}
/**
- * Ajax handler for quick edit saving for a post.
+ * Ajax handler for Quick Edit saving a post from a list table.
*
* @since 3.1.0
*/
}
/**
- * Ajax handler for finding posts.
+ * Ajax handler for querying posts for the Find Posts modal.
+ *
+ * @see window.findPosts
*
* @since 3.1.0
*/
*/
function wp_ajax_upload_attachment() {
check_ajax_referer( 'media-form' );
+ /*
+ * This function does not use wp_send_json_success() / wp_send_json_error()
+ * as the html4 Plupload handler requires a text/html content-type for older IE.
+ * See https://core.trac.wordpress.org/ticket/31037
+ */
+
+ if ( ! current_user_can( 'upload_files' ) ) {
+ echo wp_json_encode( array(
+ 'success' => false,
+ 'data' => array(
+ 'message' => __( "You don't have permission to upload files." ),
+ 'filename' => $_FILES['async-upload']['name'],
+ )
+ ) );
- if ( ! current_user_can( 'upload_files' ) )
wp_die();
+ }
if ( isset( $_REQUEST['post_id'] ) ) {
$post_id = $_REQUEST['post_id'];
- if ( ! current_user_can( 'edit_post', $post_id ) )
+ if ( ! current_user_can( 'edit_post', $post_id ) ) {
+ echo wp_json_encode( array(
+ 'success' => false,
+ 'data' => array(
+ 'message' => __( "You don't have permission to attach files to this post." ),
+ 'filename' => $_FILES['async-upload']['name'],
+ )
+ ) );
+
wp_die();
+ }
} else {
$post_id = null;
}
if ( isset( $post_data['context'] ) && in_array( $post_data['context'], array( 'custom-header', 'custom-background' ) ) ) {
$wp_filetype = wp_check_filetype_and_ext( $_FILES['async-upload']['tmp_name'], $_FILES['async-upload']['name'], false );
if ( ! wp_match_mime_types( 'image', $wp_filetype['type'] ) ) {
- echo json_encode( array(
+ echo wp_json_encode( array(
'success' => false,
'data' => array(
'message' => __( 'The uploaded file is not a valid image. Please try again.' ),
$attachment_id = media_handle_upload( 'async-upload', $post_id, $post_data );
if ( is_wp_error( $attachment_id ) ) {
- echo json_encode( array(
+ echo wp_json_encode( array(
'success' => false,
'data' => array(
'message' => $attachment_id->get_error_message(),
if ( ! $attachment = wp_prepare_attachment_for_js( $attachment_id ) )
wp_die();
- echo json_encode( array(
+ echo wp_json_encode( array(
'success' => true,
'data' => $attachment,
) );
switch ( $_POST['do'] ) {
case 'save' :
$msg = wp_save_image($attachment_id);
- $msg = json_encode($msg);
+ $msg = wp_json_encode($msg);
wp_die( $msg );
break;
case 'scale' :
}
/**
- * Ajax handler for querying for attachments.
+ * Ajax handler for querying attachments.
*
* @since 3.5.0
*/
}
/**
- * Ajax handler for saving attachment attributes.
+ * Ajax handler for updating attachment attributes.
*
* @since 3.5.0
*/
// Admin is ssl and the embed is not. Iframes, scripts, and other "active content" will be blocked.
wp_send_json_error( array(
'type' => 'not-ssl',
- 'message' => sprintf( __( 'Preview not available. %s cannot be embedded securely.' ), '<code>' . esc_html( $url ) . '</code>' ),
+ 'message' => __( 'This preview is unavailable in the editor.' ),
) );
}
'body' => ob_get_clean()
) );
}
+
+/**
+ * AJAX handler for destroying multiple open sessions for a user.
+ *
+ * @since 4.1.0
+ */
+function wp_ajax_destroy_sessions() {
+
+ $user = get_userdata( (int) $_POST['user_id'] );
+ if ( $user ) {
+ if ( ! current_user_can( 'edit_user', $user->ID ) ) {
+ $user = false;
+ } elseif ( ! wp_verify_nonce( $_POST['nonce'], 'update-user_' . $user->ID ) ) {
+ $user = false;
+ }
+ }
+
+ if ( ! $user ) {
+ wp_send_json_error( array(
+ 'message' => __( 'Could not log out user sessions. Please try again.' ),
+ ) );
+ }
+
+ $sessions = WP_Session_Tokens::get_instance( $user->ID );
+
+ if ( $user->ID === get_current_user_id() ) {
+ $sessions->destroy_others( wp_get_session_token() );
+ $message = __( 'You are now logged out everywhere else.' );
+ } else {
+ $sessions->destroy_all();
+ /* translators: 1: User's display name. */
+ $message = sprintf( __( '%s has been logged out.' ), $user->display_name );
+ }
+
+ wp_send_json_success( array( 'message' => $message ) );
+}