Changeset 24528 for trunk/wp-admin/includes/ajax-actions.php

Timestamp:

06/29/2013 01:31:44 AM (10 years ago)

Author:

azaozz

Message:

Nonce refresh:

• Update the heartbeat nonce when refreshing nonces on the Edit Post screen.
• After a user logs in from the auth-check dialog, speed up heatrbeat to check/refresh nonces on the Edit Post screen.
• Speeding up heartbeat: bring back the setting how long it should last (how many ticks).
• Add 'heartbeat-nonces-expired' jQuery event when nonces have expired and the user is logged in.

See #23295, see #23216.

File:

• trunk/wp-admin/includes/ajax-actions.php (modified) (2 diffs)

trunk/wp-admin/includes/ajax-actions.php

@@ -2055 +2055 @@
 
 function wp_ajax_heartbeat() {
-    check_ajax_referer( 'heartbeat-nonce', '_nonce' );
+    if ( empty( $_POST['_nonce'] ) )
+        wp_send_json_error();
+
     $response = array();
+
+    if ( false === wp_verify_nonce( $_POST['_nonce'], 'heartbeat-nonce' ) ) {
+        // User is logged in but nonces have expired.
+        $response['nonces_expired'] = true;
+        wp_send_json($response);
+    }
 
     // screen_id is the same as $current_screen->id and the JS global 'pagenow'
@@ -2077 +2085 @@
     do_action( 'heartbeat_tick', $response, $screen_id );
 
-    // send the current time acording to the server
+    // Send the current time acording to the server
     $response['server_time'] = time();