Changeset 52813 for trunk/src/wp-admin/admin-ajax.php
- Timestamp:
- 03/02/2022 02:58:09 PM (3 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/src/wp-admin/admin-ajax.php
r50153 r52813 28 28 header( 'X-Robots-Tag: noindex' ); 29 29 30 // Require a naction parameter.31 if ( empty( $_REQUEST['action'] ) ) {30 // Require a valid action parameter. 31 if ( empty( $_REQUEST['action'] ) || ! is_scalar( $_REQUEST['action'] ) ) { 32 32 wp_die( '0', 400 ); 33 33 } … … 169 169 add_action( 'wp_ajax_nopriv_heartbeat', 'wp_ajax_nopriv_heartbeat', 1 ); 170 170 171 $action = ( isset( $_REQUEST['action'] ) ) ? $_REQUEST['action'] : '';171 $action = $_REQUEST['action']; 172 172 173 173 if ( is_user_logged_in() ) { … … 202 202 do_action( "wp_ajax_nopriv_{$action}" ); 203 203 } 204 204 205 // Default status. 205 206 wp_die( '0' );
Note: See TracChangeset
for help on using the changeset viewer.