[wp-hackers] AJAX in plugins and public pages

Heiko Rabe heiko.rabe at code-styling.de
Sun Feb 22 02:52:34 GMT 2009

Yes, there is a lack of supporting ajax calls out of frontend pages 
without calling plugin folder hosted files.
But i think, it should not be done by patching admin-ajax.php !
In my opinion this should be handled like comments are, provide a file 
wp-ajax-post.php that handles such public ajax requests.
This would also required new actions to be designed the plugin writers 
can hook onto.
In summary this is a reasonable idea and should definitely be introduced 
to avoid tons of plugins having their own php pages therefor.
With a standard way processing frontend ajax calls based on an action 
related interface this would improve also safety of WordPress a bit.


Heiko Rabe

> Am I right in thinking that there's no equivalent of admin-ajax.php for use
> in public pages?  I know some people don't like to make the plugins folder
> world viewable, but I can't protect against that on public pages like on
> admin pages.  If there's a reason this, that's fine, but if no one knows a
> particular reason it's missing, I could put together a quick patch based on
> the existing file.

More information about the wp-hackers mailing list