[wp-hackers] wp-admin folder and admin-ajax.php

Gavin Pearce Gavin.Pearce at 3seven9.com
Wed Aug 11 17:28:37 UTC 2010


> You're not running more than one request at a time.

Good point. ;)

Thanks Otto.


-----Original Message-----
From: wp-hackers-bounces at lists.automattic.com [mailto:wp-hackers-bounces at lists.automattic.com] On Behalf Of Otto
Sent: 11 August 2010 18:27
To: wp-hackers at lists.automattic.com
Subject: Re: [wp-hackers] wp-admin folder and admin-ajax.php

Use a parameter to determine which request you're processing.
action=request1 or whatever.

And you can just exit, as each request is a separate call. You're not
running more than one request at a time.

-Otto



On Wed, Aug 11, 2010 at 11:44 AM, Gavin Pearce <Gavin.Pearce at 3seven9.com> wrote:
> Hi guys,
>
> Nice idea ... but what if you start having more than one AJAX request?
>
> Or from a plugin developers point of view - I can't just "exit;" on AJAX request from my plugin, as there may still be more AJAX requests to run....
>
> Thanks,
> Gav
>
> -----Original Message-----
> From: wp-hackers-bounces at lists.automattic.com [mailto:wp-hackers-bounces at lists.automattic.com] On Behalf Of Otto
> Sent: 11 August 2010 16:37
> To: wp-hackers at lists.automattic.com
> Subject: Re: [wp-hackers] wp-admin folder and admin-ajax.php
>
> This is the same basic approach I use.
>
> However, setting the ajaxurl to the home url isn't required, really.
> If you're capturing via init, then any URL on the site works, since
> init always triggers. So I tend to just use the current page URL.
> Simpler.
>
> -Otto
>
>
>
> On Wed, Aug 11, 2010 at 6:48 AM, Paul <paul at codehooligans.com> wrote:
>> For simple front-end AJAX needs which do not require authenticated access I don't use the admin-ajax.php hook.
>>
>> Instead I just capture the action via my plugin's init function. Something like
>>
>> function init()
>> {
>>        // Normal init code here
>>        // blah blah blah
>>
>>        // Handle front-end AJAX requests.
>>        if (isset($_REQUEST['property_display_ajax_action']))
>>        {
>>                // Process my AJAX here!
>>                exit();         // Terminate the request
>>        }
>> }
>>
>> You can still use the same code for your JS/AJAX as suggested on http://codex.wordpress.org/AJAX_in_Plugins
>> But with one issue. Since this is front-end the 'ajaxurl' is not set. So on your themes wp_footer(); action add it yourself. Mine just calls the front-end site url.
>>
>> function property_wp_footer()
>> {
>>        ?>
>>        <script type="text/javascript" >
>>                var ajaxurl = '<?php echo home_url( '/' );  ?>';
>>        </script>
>>        <?php
>> }
>>
>>
>>
>>
>>
>> On Aug 11, 2010, at 7:18 AM, Gavin Pearce wrote:
>>
>>> Hi Westi,
>>>
>>> That would still mean pointing to wp-admin/admin-ajax.php though I believe?
>>>
>>> Which goes back to the issue of being able to secure the wp-admin folder. Some users, as suggested in the codex, will secure the entire wp-admin folder via IP or htaccess password protection, which would break any front-end AJAX hooking into this.
>>>
>>> As a plugin developer, automatic installations would obviously fail in this use-case.
>>>
>>> Cheers,
>>> Gav
>>>
>>> -----Original Message-----
>>> From: wp-hackers-bounces at lists.automattic.com [mailto:wp-hackers-bounces at lists.automattic.com] On Behalf Of Peter Westwood
>>> Sent: 11 August 2010 11:49
>>> To: wp-hackers at lists.automattic.com
>>> Subject: Re: [wp-hackers] wp-admin folder and admin-ajax.php
>>>
>>>
>>> On 11 Aug 2010, at 10:14, Gavin Pearce wrote:
>>>
>>>> Thanks Westi!
>>>>
>>>> Out of interest then, and in that case - how would you personally best
>>>> handle non-auth, front-end, AJAX (and then having access to the various
>>>> WP instances/classes/DB) without hooking into the WordPress AJAX
>>>> function at admin-ajax.php?
>>>>
>>>> All the main guides seem to point towards using admin-ajax ...
>>>>
>>>
>>> Sorry I missed this out my response earlier.
>>>
>>> For unauthenticated actions use a no_priv action hook.
>>>
>>> Line 46 of admin-ajax.php
>>>
>>> do_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] );
>>>
>>> westi
>>> --
>>> Peter Westwood
>>> http://blog.ftwr.co.uk | http://westi.wordpress.com
>>> C53C F8FC 8796 8508 88D6 C950 54F4 5DCD A834 01C5
>>>
>>> _______________________________________________
>>> wp-hackers mailing list
>>> wp-hackers at lists.automattic.com
>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>> _______________________________________________
>>> wp-hackers mailing list
>>> wp-hackers at lists.automattic.com
>>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>
>> _______________________________________________
>> wp-hackers mailing list
>> wp-hackers at lists.automattic.com
>> http://lists.automattic.com/mailman/listinfo/wp-hackers
>>
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
> _______________________________________________
> wp-hackers mailing list
> wp-hackers at lists.automattic.com
> http://lists.automattic.com/mailman/listinfo/wp-hackers
>
_______________________________________________
wp-hackers mailing list
wp-hackers at lists.automattic.com
http://lists.automattic.com/mailman/listinfo/wp-hackers


More information about the wp-hackers mailing list