[wp-hackers] wp-admin folder and admin-ajax.php
Gavin Pearce
Gavin.Pearce at 3seven9.com
Wed Aug 11 11:18:50 UTC 2010
Hi Westi,
That would still mean pointing to wp-admin/admin-ajax.php though I believe?
Which goes back to the issue of being able to secure the wp-admin folder. Some users, as suggested in the codex, will secure the entire wp-admin folder via IP or htaccess password protection, which would break any front-end AJAX hooking into this.
As a plugin developer, automatic installations would obviously fail in this use-case.
Cheers,
Gav
-----Original Message-----
From: wp-hackers-bounces at lists.automattic.com [mailto:wp-hackers-bounces at lists.automattic.com] On Behalf Of Peter Westwood
Sent: 11 August 2010 11:49
To: wp-hackers at lists.automattic.com
Subject: Re: [wp-hackers] wp-admin folder and admin-ajax.php
On 11 Aug 2010, at 10:14, Gavin Pearce wrote:
> Thanks Westi!
>
> Out of interest then, and in that case - how would you personally best
> handle non-auth, front-end, AJAX (and then having access to the various
> WP instances/classes/DB) without hooking into the WordPress AJAX
> function at admin-ajax.php?
>
> All the main guides seem to point towards using admin-ajax ...
>
Sorry I missed this out my response earlier.
For unauthenticated actions use a no_priv action hook.
Line 46 of admin-ajax.php
do_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] );
westi
--
Peter Westwood
http://blog.ftwr.co.uk | http://westi.wordpress.com
C53C F8FC 8796 8508 88D6 C950 54F4 5DCD A834 01C5
_______________________________________________
wp-hackers mailing list
wp-hackers at lists.automattic.com
http://lists.automattic.com/mailman/listinfo/wp-hackers
More information about the wp-hackers
mailing list