[wp-trac] [WordPress Trac] #25255: Extend admin-ajax to detect multiple user capability and admin-ajax.php does not return 0
WordPress Trac
noreply at wordpress.org
Mon Sep 9 20:42:10 UTC 2013
#25255: Extend admin-ajax to detect multiple user capability and admin-ajax.php
does not return 0
--------------------------------+------------------------------
Reporter: godhulii_1985 | Owner:
Type: enhancement | Status: new
Priority: normal | Milestone: Awaiting Review
Component: General | Version: 3.6
Severity: normal | Resolution:
Keywords: close dev-feedback |
--------------------------------+------------------------------
Comment (by azaozz):
> Using current_user_can() in your AJAX handler sounds like the correct
way to achieve that.
Exactly. Combining current_user_can() and a nonce check is the standard
way core uses.
> In general this ticket should be closed except that sending the correct
status code would be something we could do.
Setting some HTTP status codes may behave unexpectedly with XHRs. We may
be able to use some but don't see a big advantage in doing so. Thinking
'wontfix'.
--
Ticket URL: <http://core.trac.wordpress.org/ticket/25255#comment:7>
WordPress Trac <http://core.trac.wordpress.org/>
WordPress blogging software
More information about the wp-trac
mailing list