[wp-hackers] Ajax calls and cookie within the admin

L'Autre Monde autremonde75 at gmail.com
Mon Feb 23 21:25:43 GMT 2009

Casey, Austin,

Thanks for the clarification. I know understand that the cookie thing is 
handled separatly and my duty is just to ensure that the current_user has 
the rights to do what he tries to do...



----- Original Message ----- 
From: "Casey Bisson" <casey.bisson at gmail.com>
To: <wp-hackers at lists.automattic.com>
Sent: Monday, February 23, 2009 10:05 PM
Subject: Re: [wp-hackers] Ajax calls and cookie within the admin

> You might want to take a look at admin-ajax.php, both to see how  things 
> get secured in there and how you can plug into it with your  project.
> http://core.trac.wordpress.org/browser/tags/2.7.1/wp-admin/admin-ajax.php
> --Casey
> http://maisonbisson.com
> http://about.scriblio.net
> On Mon, Feb 23, 2009 at 2:36 PM, L'Autre Monde  <autremonde75 at gmail.com> 
> wrote:
>> Ok but then, what do I need to perform to secure my ajax handler on  the
>> server side? Is there a method to check the cookie validity? Is the 
>> nonce
>> verification enough?
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers 

More information about the wp-hackers mailing list