Opened 4 years ago
Closed 3 years ago
#11015 closed enhancement (wontfix)
Admin Ajax actions should pass relevant global variables
| Reported by: |
|
Owned by: |
|
|---|---|---|---|
| Priority: | normal | Milestone: | |
| Component: | JavaScript | Version: | 2.9 |
| Severity: | normal | Keywords: | admin-ajax has-patch |
| Cc: |
Description
The wp_ajax_* action hooks should pass the global $_REQUEST variable so that callbacks can reduce the number of global objects they have to be aware of and so that they can get the data in a state prior to being modified by anything else.
Attachments (1)
Change History (5)
-1. Don't see the benefit in doing this. If you have a function that accepts data from different contexts, you would always want to filter what comes from $_REQUEST.
Replying to azaozz:
-1. Don't see the benefit in doing this.
The benefit is
- You don't have to access global objects in your callback
- You can be agnostic about whether the "action" is from POST or GET.
- Testing is more straightforward.
- There's no harm.
This helps avoid having to check whether "action" is set in POST or GET, and it allows code reuse: I can use the same callback in different places.
- Milestone 2.9 deleted
- Resolution set to wontfix
- Status changed from new to closed
Strong -1
It should be obvious inside a function when you are accessing a superglobal.
Passing $_REQUEST as a argument hides the use of the superglobal in the function.
That makes it much easier to audit code and identify where user supplied data is/isnt being trusted.
Why not 2.9. It's simple and there are no backwards-compatibility issues. :-)