Opened 4 years ago
Last modified 3 years ago
#51463 new enhancement
Fire an action prior to AJAX action handling (allows diagnostics)
Reported by: | DavidAnderson | Owned by: | |
---|---|---|---|
Milestone: | Future Release | Priority: | normal |
Severity: | normal | Version: | |
Component: | General | Keywords: | has-patch |
Focuses: | Cc: |
Description
Currently, admin-ajax.php has no action that it will fire if there is no action hooked.
This means that you can't (without using hacks) track calls to "unhooked" actions. To be able to track those calls is useful for various diagnostic purposes. For example, logging bots which speculatively call a list of various actions belonging to vulnerable plugins. Or, detecting and logging coding errors.
The attached patch adds a "pre_wp_ajax" action call to allow plugins to monitor calls to unhooked AJAX actions.
Attachments (1)
Change History (5)
#1
@
4 years ago
- Keywords has-patch added
- Milestone changed from Awaiting Review to Future Release
This is a good idea. It could instead fire a little further down and receive a parameter with the result of the has_action
check? Maybe one for the wp_ajax_
action and one for the wp_ajax_nopriv
action before they call wp_die()
.
#2
@
4 years ago
I tend to think that the parameters passed to an action shouldn't include ones it can directly derive from what it has already got. So, here, the called function can already call is_user_logged_in() and has_action() itself.
Add "pre_wp_ajax" action call