X-Git-Url: https://scripts.mit.edu/gitweb/autoinstalls/wordpress.git/blobdiff_plain/fa11948979fd6a4ea5705dc613b239699a459db3..b925718b4bf2dd47a8429f844d0a255ca6e35bd1:/wp-admin/admin-post.php?ds=sidebyside

diff --git a/wp-admin/admin-post.php b/wp-admin/admin-post.php
index 71039940..d3135f2a 100644
--- a/wp-admin/admin-post.php
+++ b/wp-admin/admin-post.php
@@ -9,14 +9,16 @@
  */
 
 /** We are located in WordPress Administration Screens */
-define('WP_ADMIN', true);
+if ( ! defined( 'WP_ADMIN' ) ) {
+	define( 'WP_ADMIN', true );
+}
 
 if ( defined('ABSPATH') )
 	require_once(ABSPATH . 'wp-load.php');
 else
 	require_once( dirname( dirname( __FILE__ ) ) . '/wp-load.php' );
 
-/** Allow for cross-domain requests (from the frontend). */
+/** Allow for cross-domain requests (from the front end). */
 send_origin_headers();
 
 require_once(ABSPATH . 'wp-admin/includes/admin.php');
@@ -26,20 +28,44 @@ nocache_headers();
 /** This action is documented in wp-admin/admin.php */
 do_action( 'admin_init' );
 
-$action = 'admin_post';
+$action = empty( $_REQUEST['action'] ) ? '' : $_REQUEST['action'];
 
-if ( !wp_validate_auth_cookie() )
-	$action .= '_nopriv';
-
-if ( !empty($_REQUEST['action']) )
-	$action .= '_' . $_REQUEST['action'];
-
-/**
- * Fires the requested handler action.
- *
- * admin_post_nopriv_{$_REQUEST['action']} is called for not-logged-in users.
- * admin_post_{$_REQUEST['action']} is called for logged-in users.
- *
- * @since 2.6.0
- */
-do_action( $action );
+if ( ! wp_validate_auth_cookie() ) {
+	if ( empty( $action ) ) {
+		/**
+		 * Fires on a non-authenticated admin post request where no action was supplied.
+		 *
+		 * @since 2.6.0
+		 */
+		do_action( 'admin_post_nopriv' );
+	} else {
+		/**
+		 * Fires on a non-authenticated admin post request for the given action.
+		 *
+		 * The dynamic portion of the hook name, `$action`, refers to the given
+		 * request action.
+		 *
+		 * @since 2.6.0
+		 */
+		do_action( "admin_post_nopriv_{$action}" );
+	}
+} else {
+	if ( empty( $action ) ) {
+		/**
+		 * Fires on an authenticated admin post request where no action was supplied.
+		 *
+		 * @since 2.6.0
+		 */
+		do_action( 'admin_post' );
+	} else {
+		/**
+		 * Fires on an authenticated admin post request for the given action.
+		 *
+		 * The dynamic portion of the hook name, `$action`, refers to the given
+		 * request action.
+		 *
+		 * @since 2.6.0
+		 */
+		do_action( "admin_post_{$action}" );
+	}
+}