Changeset 24528
- Timestamp:
- 06/29/2013 01:31:44 AM (11 years ago)
- Location:
- trunk
- Files:
-
- 5 edited
trunk/wp-admin/includes/ajax-actions.php
r24520 r24528 2055 2055 2056 2056 function wp_ajax_heartbeat() { 2057 check_ajax_referer( 'heartbeat-nonce', '_nonce' ); 2057 if ( empty( $_POST['_nonce'] ) ) 2058 wp_send_json_error(); 2059 2058 2060 $response = array(); 2061 2062 if ( false === wp_verify_nonce( $_POST['_nonce'], 'heartbeat-nonce' ) ) { 2063 // User is logged in but nonces have expired. 2064 $response['nonces_expired'] = true; 2065 wp_send_json($response); 2066 } 2059 2067 2060 2068 // screen_id is the same as $current_screen->id and the JS global 'pagenow' … … 2077 2085 do_action( 'heartbeat_tick', $response, $screen_id ); 2078 2086 2079 // send the current time acording to the server2087 // Send the current time acording to the server 2080 2088 $response['server_time'] = time(); 2081 2089 -
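Review bot: The new failure branch in `wp_ajax_heartbeat()` reports every non-verifying `_nonce` as expired, but `wp_verify_nonce()` returns `false` for a forged or foreign value as well. The comment would be more accurate as `// Nonce did not verify: expired, or not issued for this user and action.` The value is also passed straight from `$_POST` with no type check, and `empty()` lets a non-empty array through, so the first guard could read `if ( empty( $_POST['_nonce'] ) || ! is_string( $_POST['_nonce'] ) )`. With `check_ajax_referer()` gone, this early `wp_send_json()` is the only request-forgery gate in the handler, so everything that acts on `$_POST` has to stay below it. The rest of the function body lies outside the hunk.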
trunk/wp-admin/includes/misc.php
r24408 r24528 640 640 if ( array_key_exists( 'wp-refresh-post-nonces', $data ) ) { 641 641 $received = $data['wp-refresh-post-nonces']; 642 $response['wp-refresh-post-nonces'] = array( 'check' => 1 ); 642 643 643 644 if ( ! $post_id = absint( $received['post_id'] ) ) 644 645 return $response; 645 646 646 if ( ! current_user_can( 'edit_post', $post_id) )647 if ( ! current_user_can( 'edit_post', $post_id ) || empty( $received['post_nonce'] ) ) 647 648 return $response; 648 649 649 if ( ! empty( $received['post_nonce'] ) &&2 === wp_verify_nonce( $received['post_nonce'], 'update-post_' . $post_id ) ) {650 if ( 2 === wp_verify_nonce( $received['post_nonce'], 'update-post_' . $post_id ) ) { 650 651 $response['wp-refresh-post-nonces'] = array( 651 'replace-autosavenonce' => wp_create_nonce('autosave'), 652 'replace-getpermalinknonce' => wp_create_nonce('getpermalink'), 653 'replace-samplepermalinknonce' => wp_create_nonce('samplepermalink'), 654 'replace-closedpostboxesnonce' => wp_create_nonce('closedpostboxes'), 655 'replace-_ajax_linking_nonce' => wp_create_nonce( 'internal-linking' ), 656 'replace-_wpnonce' => wp_create_nonce( 'update-post_' . $post_id ), 652 'replace' => array( 653 'autosavenonce' => wp_create_nonce('autosave'), 654 'getpermalinknonce' => wp_create_nonce('getpermalink'), 655 'samplepermalinknonce' => wp_create_nonce('samplepermalink'), 656 'closedpostboxesnonce' => wp_create_nonce('closedpostboxes'), 657 '_ajax_linking_nonce' => wp_create_nonce( 'internal-linking' ), 658 '_wpnonce' => wp_create_nonce( 'update-post_' . $post_id ), 659 ), 660 'heartbeatNonce' => wp_create_nonce( 'heartbeat-nonce' ), 657 661 ); 658 662 } -
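Review bot: `$received` is indexed as an array (`$received['post_id']`, `$received['post_nonce']`) without confirming its shape, although `$data['wp-refresh-post-nonces']` presumably arrives from the client's heartbeat payload. A guard such as `if ( ! is_array( $received ) ) return $response;` before the `absint()` line would keep a scalar payload from reaching the offset reads. The literal `2 ===` also deserves a comment, for example `// 2 = nonce is in the second half of its lifetime, so hand out fresh ones`, because that return value is what decides when a whole new nonce set, now including `heartbeatNonce`, is issued. The enclosing function starts and ends outside the hunk.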
trunk/wp-admin/js/post.js
r24414 r24528 317 317 check = false; 318 318 window.clearTimeout( timeout ); 319 timeout = window.setTimeout( function(){ check = 1; }, 3600000 );319 timeout = window.setTimeout( function(){ check = true; }, 300000 ); 320 320 } 321 321 … … 330 330 }; 331 331 } 332 check = 2;333 332 } 334 333 }).on( 'heartbeat-tick.wp-refresh-nonces', function( e, data ) { 335 if ( check === 2 ) 334 var nonces = data['wp-refresh-post-nonces']; 335 336 if ( nonces ) { 336 337 schedule(); 337 338 338 if ( data['wp-refresh-post-nonces'] ) { 339 $.each( data['wp-refresh-post-nonces'], function( selector, value ) { 340 if ( selector.match(/^replace-/) ) 341 $( '#' + selector.replace('replace-', '') ).val( value ); 342 }); 339 if ( nonces.replace ) { 340 $.each( nonces.replace, function( selector, value ) { 341 $( '#' + selector ).val( value ); 342 }); 343 } 344 345 if ( nonces.heartbeatNonce ) 346 window.heartbeatSettings.nonce = nonces.heartbeatNonce; 343 347 } 344 348 }).ready( function() { -
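Review bot: In the `heartbeat-tick.wp-refresh-nonces` handler, every key of `nonces.replace` is now concatenated into a jQuery selector (`$( '#' + selector )`) with no check on the key. The removed code at least required the `replace-` prefix. Because the response can be extended by other server-side filters, the key should be constrained to id characters before use, e.g. `if ( /^[\w-]+$/.test( selector ) ) $( document.getElementById( selector ) ).val( value );`. The assignment `window.heartbeatSettings.nonce = nonces.heartbeatNonce;` also assumes the global exists, while heartbeat.js in this same changeset tests `typeof window.heartbeatSettings == 'object'` first; the same test here would avoid a TypeError on screens where the settings object is absent.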
trunk/wp-includes/js/heartbeat.js
r24406 r24528 11 11 running, 12 12 beat, 13 nonce,14 13 screenId = typeof pagenow != 'undefined' ? pagenow : '', 15 14 url = typeof ajaxurl != 'undefined' ? ajaxurl : '', … … 31 30 this.connectionLost = false; 32 31 33 if ( typeof( window.heartbeatSettings ) != 'undefined' ) {34 settings = window.heartbeatSettings;32 if ( typeof( window.heartbeatSettings ) == 'object' ) { 33 settings = $.extend( {}, window.heartbeatSettings ); 35 34 36 35 // Add private vars 37 nonce = settings.nonce || '';38 delete settings.nonce;39 40 36 url = settings.ajaxurl || url; 41 37 delete settings.ajaxurl; 38 delete settings.nonce; 42 39 43 40 interval = settings.interval || 15; // default interval … … 121 118 122 119 function connect() { 123 var send = {}, data, i, empty = true; 120 var send = {}, data, i, empty = true, 121 nonce = typeof window.heartbeatSettings == 'object' ? window.heartbeatSettings.nonce : ''; 124 122 tick = time(); 125 123 … … 168 166 if ( self.connectionLost ) 169 167 errorstate(); 168 169 if ( response.nonces_expired ) { 170 $(document).trigger( 'heartbeat-nonces-expired' ); 171 return; 172 } 170 173 171 174 // Change the interval from PHP … … 335 338 * 336 339 * @param string speed Interval speed: 'fast' (5sec), 'standard' (15sec) default, 'slow' (60sec) 340 * @param string ticks Used with speed = 'fast', how many ticks before the speed reverts back 337 341 * @return int Current interval in seconds 338 342 */ 339 this.interval = function( speed ) {343 this.interval = function( speed, ticks ) { 340 344 var reset, seconds; 345 ticks = parseInt( ticks, 10 ) || 30; 346 ticks = ticks < 1 || ticks > 30 ? 30 : ticks; 341 347 342 348 if ( speed ) { … … 344 350 case 'fast': 345 351 seconds = 5; 346 countdown = 30;352 countdown = ticks; 347 353 break; 348 354 case 'slow': -
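Review bot: In `connect()` the test `typeof window.heartbeatSettings == 'object'` is also true for `null`, so the following `.nonce` read would throw, and a settings object without a nonce now yields `undefined` where the removed code fell back to `''`. Something like `nonce = ( window.heartbeatSettings && window.heartbeatSettings.nonce ) || '';` covers both cases. The nonce now stays on the writable global for the life of the page instead of being copied into a closure variable and deleted, which is worth a comment saying it is deliberate so that post.js can replace it. In the docblock for `this.interval`, `@param string ticks` should be `@param int ticks`, since the value is run through `parseInt()` and clamped to the range 1–30.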
trunk/wp-includes/js/wp-auth-check.js
r24273 r24528 1 1 // Interim login dialog 2 2 (function($){ 3 var wrap, check, timeout;3 var wrap, check, scheduleTimeout, hideTimeout; 4 4 5 5 function show() { … … 33 33 parent.find('.wp-auth-check-close').show(); 34 34 wrap.data('logged-in', 1); 35 setTimeout( function() { hide(); }, 3000 );35 hideTimeout = setTimeout( function() { hide(); }, 3000 ); 36 36 } 37 37 … … 63 63 function hide() { 64 64 $(window).off( 'beforeunload.wp-auth-check' ); 65 window.clearTimeout( hideTimeout ); 66 67 // When on the Edit Post screen, speed up heartbeat after the user logs in to quickly refresh nonces 68 if ( typeof adminpage != 'undefined' && ( adminpage == 'post-php' || adminpage == 'post-new-php' ) 69 && typeof wp != 'undefined' && wp.heartbeat ) { 70 71 wp.heartbeat.interval( 'fast', 1 ); 72 } 65 73 66 74 wrap.fadeOut( 200, function() { … … 72 80 function schedule() { 73 81 check = false; 74 window.clearTimeout( timeout );75 timeout = window.setTimeout( function(){ check = 1; }, 180000 ); // 3min.82 window.clearTimeout( scheduleTimeout ); 83 scheduleTimeout = window.setTimeout( function(){ check = 1; }, 300000 ); // 5 min. 76 84 } 77 85
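Review bot: The `wp.heartbeat.interval( 'fast', 1 )` call added to `hide()` runs on every hide, while its comment says it applies after the user logs in. The callers of `hide()` are outside the visible hunks, so the dialog may also be closed without a successful login. If so, gating on the flag set earlier in this file would match the comment: `if ( wrap.data('logged-in') && typeof adminpage != 'undefined' && ... )`. The loose `==` comparisons on `adminpage` could be `===`, since both sides are strings.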