Im developing a Wordpress-plugin, where the main file of the plugins includes a PHP-file depending on (supposed to at least) if you are back-end or front-end.
As the is_admin() returns true on AJAX requests, I have used the DOING_AJAX constant to check whetever AJAX is done or not:
if ( is_admin() && ( ! defined( 'DOING_AJAX' ) || ! DOING_AJAX ) ) {
require_once('admin/functions_admin.php');
}
else {
require_once('public/functions_public.php');
}
The correct file is loaded in wp-admin. The correct file is loaded front-end. Ajax-requests works front-end - but not back end. The "if" is not executed when doing Ajax back-end with this code.
When adding the following "else if" code it works back-end, but then not frond-end of course:
else if ( is_admin() ) {
require_once('admin/functions_admin.php');
}
There is a note about this fact on the Ajax in plugin codex page.
As the hook use wp-admin/admin-ajax.php you must avoid using is_admin(), that will Always returns true.
An example, you want to include a file only on front end, you check with !is_admin(), in the file you have the wp_ajax_{$action} , but admin-ajax.php will Always return true, and the response will be 0.
What the codex says;
Both front-end and back-end Ajax requests use admin-ajax.php so is_admin() will always return true in your action handling code.
When selectively loading your Ajax script handlers for the front-end and back-end, and using the is_admin() function, your wp_ajax_(action) and wp_ajax_nopriv_(action) hooks MUST be inside the is_admin() === true part.
So, if your question is : how can i make my script works ?
Remove is_admin() and replace it with another conditional.
Source Ajax in plugin
Hope it helps
Sorted this out by gathering all AJAX-functions (both front- and back-end) in a third file:
// Is admin, but not doing ajaax
if ( is_admin() && ( ! defined( 'DOING_AJAX' ) || ! DOING_AJAX ) ) {
require_once('admin/functions_admin.php');
}
// Is doing AJAX
else if ( is_admin() && ( defined( 'DOING_AJAX' ) || DOING_AJAX ) ) {
require_once('functions_ajax.php');
}
// Front-end functions
else {
require_once('public/functions_public.php');
}
There is a specific function to perform this task: wp_doing_ajax()
Related
I have the code below to redirect my WordPress logged out users to page /login/
<?php
if (!is_user_logged_in()) {
if ( ! is_page( 'register-member' ) )
if ( ! is_page( 'groups' ) ){
wp_redirect( 'https://members.google.com/login/');
exit;
}
} ?>
And currently i whitelisted /register-member/ and /groups/ so logged out users can access them.
But I'm trying to whitelist more pages and it's not working and I think it's overwritten by the theme (BuddyPress)
Also i'm using "Restrict Content Pro" plugin
So i'm looking for a solution to whitelist other pages.
You can do these things with is_user_logged_in() and is_front_page(). If these are not true, then you can use wp_redirect() to redirect the user to the home page.
Assuming your forgot password page is a "page," you could use is_page() in your logic as well.
You'll need to hook it to action so that it fires late enough to allow checking the page, but early enough to still safely redirect the user (i.e. before headers are sent). template_redirect is ideal for this.
add_action( 'template_redirect', 'my_frontpage_redirect' );
function my_frontpage_redirect() {
if ( ! is_user_logged_in() ) {
if ( ! is_front_page() && ! is_page( 'my-password-reset' ) ) {
wp_redirect( home_url() );
exit();
}
}
}
I've got this brilliant piece of code that restricts access to the wp-admin login page unless the user logged in is an admin to the site:
add_action( 'init', 'blockusers_init' );
function blockusers_init() {
if ( is_admin() && ! current_user_can( 'administrator' ) &&
! ( defined( 'DOING_AJAX' ) && DOING_AJAX ) ) {
wp_redirect( home_url() );
exit;
}
}
I want to add another function that restricts access and performs the same redirect to my home page BUT for a specific page of my site.
But this isn't working:
add_action( 'init', 'blockusers_init' );
function blockusers_init() {
if ( is_admin() && ! current_user_can( 'administrator' ) &&
! ( defined( 'mysite.co.uk/shop' ) && DOING_AJAX ) ) {
wp_redirect( home_url() );
exit;
}
}
And I'm not surpised by that but I was hoping somebody had to correct code to perform this function?
Thanks
You can add this to your header.php file to check if they're on the page and if they're an admin or not
if(is_page(PAGE_ID)){
current_user_can( 'manage_options' ){
---do redirect here or whatever else---
}
}
You can also create load the function via the init action like you did.
I'm running the Rename wp-login.php plugin on my WordPress website. This plugin allows you to 'rename' wp-login.php and /wp-admin/ so the visitor can't find the admin login.
However, when the visitor visits /wp-admin/ he'll be seeing the 'You must log in to access the admin area' error message.
I want to change this so the visitor sees a 404 page. The code for this error message is as follows:
if ( is_admin() && ! is_user_logged_in() && ! defined( 'DOING_AJAX' ) ) {
wp_die( __( 'You must log in to access the admin area!', 'wp-login' ) );
}
I have tried changing it to
if ( is_admin() && ! is_user_logged_in() && ! defined( 'DOING_AJAX' ) ) {
function generate_404() {
global $wp_query;
$wp_query->set_404();
}
add_action('wp','generate_404');
}
and I have also tried
if ( is_admin() && ! is_user_logged_in() && ! defined( 'DOING_AJAX' ) ) {
global $wp_query;
$wp_query->set_404();
status_header( 404 );
get_template_part( 404 ); exit();
}
But none of that did work. Please help me out.
I'm working with a Woocommerce site that has an Ajax issue. Whenever I try to run a wc-ajax function I get a malformed json error or a full page reload inside a div.
I see that in woocommerce/includes/class-wc-ajax the AJAX is defined by checking the $_GET variable for wc-ajax. The code looks like this:
add_action( 'init', array( __CLASS__, 'define_ajax' ), 0 );
public static function define_ajax() {
if ( ! empty( $_GET['wc-ajax'] ) ) {
if ( ! defined( 'DOING_AJAX' ) ) {
define( 'DOING_AJAX', true );
}
if ( ! defined( 'WC_DOING_AJAX' ) ) {
define( 'WC_DOING_AJAX', true );
}
// Turn off display_errors during AJAX events to prevent malformed JSON
if ( ! WP_DEBUG || ( WP_DEBUG && ! WP_DEBUG_DISPLAY ) ) {
#ini_set( 'display_errors', 0 );
}
$GLOBALS['wpdb']->hide_errors();
}
}
The url I'm sending the request is /checkout-2/?wc-ajax=update_order_review. So if I print out $_GET I would expect it to look like this:
$_GET['wc-ajax'] = "update_order_review"
However, I am getting this instead:
$_GET['q'] = "/checkout-2/?wc-ajax=update_order_review"
Has anyone come across something like this before or have any ideas what would change $_GET's default functionality? Or at least the default functionality as I understand it.
Thank you!
I have a Wordpress site and 2 kinds of users. Admins and subscribers. If a subscriber tries to access the wp-admin area I want him to redirect to the home page of the site. I have a function to do this but when I try to access a different page on the site, for example to post a comment somewhere, it loads the home page inside the page I currenly am and doesn't post the comment and any other action I do. From the network errors I see admin-ajax.php 302 error. I understand that Wordpress uses two different hooks for ajax, one for admin side and one for logged out user and it has something to do with my problem but I don't understand how to fix it.
function mt_redirect_admin(){
if ( ! current_user_can( 'edit_events' ) ){
wp_redirect( site_url() );
exit;
}
}
add_action( 'admin_init', 'mt_redirect_admin' );
Thanks in advance for any answers
Solved:
function mt_redirect_admin() {
if ( ! current_user_can( 'edit_events' ) && ( ! defined( 'DOING_AJAX' ) || ! DOING_AJAX ) ) {
wp_redirect( site_url() );
exit;
}
}
add_action( 'admin_init', 'mt_redirect_admin', 1 );