How to securely add an Ajax button to a WP Admin page?

In this answer I created 2 buttons which are visually disabled and get an invalid nonce before submitting.

<?php
/*
Plugin Name: Ajax Example
*/

add_action( 'admin_notices', 'my_action_button' );

define( 'MY_ACTION_NONCE', 'my-action-' );

function my_action_button() {
    $id   = 4321;
    $data = array(
        'data-nonce' => wp_create_nonce( MY_ACTION_NONCE . $id ),
        'data-id'    => $id,
    );
    echo get_submit_button( "Ajax Primary", 'primary large', 'my-action-button-1', FALSE, $data );

    $id   += 1234;
    $data = array(
        'data-nonce' => wp_create_nonce( MY_ACTION_NONCE . $id ),
        'data-id'    => $id,
    );
    echo get_submit_button( "Ajax Secundary", 'secondary', 'my-action-button-2', FALSE, $data );
}

add_action( 'admin_footer', 'my_action_javascript' ); // Write our JS below here

function my_action_javascript() {
    ?>
    <script type="text/javascript">
        jQuery(document).ready(function ($) {
            $('#my-action-button-1,#my-action-button-2').click(function () {
                var $button = $(this);

                var data = {
                    'action': 'my_action',
                    'id': $button.data('id'),
                    'nonce': $button.data('nonce')
                };
                // Give user cue not to click again
                $button.addClass('disabled');
                // Invalidate the nonce
                $button.data('nonce', 'invalid');

                $.post(ajaxurl, data, function (response) {
                    alert('Got this from the server: ' + response);

                });
            });
        });
    </script>
    <?php
}

add_action( 'wp_ajax_my_action', 'my_action' );

function my_action() {
    global $wpdb; // this is how you get access to the database

    $id    = $_POST['id'];
    $nonce = $_POST['nonce'];
    if ( wp_verify_nonce( $nonce, MY_ACTION_NONCE . $id ) ) {
        $response = intval( $id );
        $response += 10;
        echo $response;
    } else {
        echo - 1;
    }
    wp_die(); // this is required to terminate immediately and return a proper response
}

Related Posts:

  1. Ajax call not working anymore
  2. Access-Control-Allow-Origin error sending a jQuery Post to Google API’s
  3. Access-Control-Allow-Origin error sending a jQuery Post to Google API’s
  4. jQuery: Performing synchronous AJAX requests
  5. jQuery’s .on() method combined with the submit event
  6. How to make ajax call in wordpress in right way?
  7. AJAX handler throws 400 (Bad request) – why?
  8. How to link WordPress heartbeat to ajax form
  9. AJAX Implementation
  10. Drag and drop multiple file upload using Ajax WordPress
  11. Turn jQuery.ajax() request into XMLHttpRequest (vanilla JavaScript)
  12. wp_remote_get() to get AJAX url /wp-admin/admin-ajax.php
  13. How to Use JSON With AJAX?
  14. admin-ajax.php HTTP400: BAD REQUEST – The request could not be processed by the server due to invalid syntax
  15. WordPress AJAX Call Not Return Result
  16. AJAX requests broken due to HTTPS for wp-admin
  17. wp-admin AJAX with Fetch API is done without user
  18. How to add WP API and JS featured image attachment
  19. jQuery Ajax passing empty parameters to my function?
  20. WordPress Admin AJAX Serialize
  21. WP Admin AJAX Security – using POST to include a relative URL
  22. Ajax Modal Flickers When Opened Multiple Times
  23. WordPress Ajax Not Working ( Custom Admin page)
  24. Why a strange discrepency between get_current_user_id() when using AJAX versus output of document.cookie?
  25. splitting the URL using jQuery
  26. How would you update a frontend form with AJAX
  27. Why is on status span no search results?
  28. Pass additional parameter with async upload
  29. How to handle 400 status in Ajax [duplicate]
  30. Refresh Markercluster after ajax call
  31. AJAX request randomly stop working and returns error 400
  32. Bad request 400 from custom ajax call
  33. All AJAX requests return a 400 error
  34. Use WP admin AJAX url to hide API key
  35. How to pass parameters from jQuery ajax into PHP function?
  36. WordPress Heartbeat API cannot parse data
  37. I can’t get a return value from Ajax
  38. WordPress AJAX return 0 – My case
  39. merge wp rest api query to get posts per category does not work
  40. WP AJAX post filter > do something with empty value
  41. 403 error When i send ajax request on WordPress website
  42. AJAX jQuery post frontend returning failed to load resource status 400
  43. Data not insert and update through ajax and jQuery in admin page?
  44. Load more posts in the same category – Ajax + Timber
  45. How to jQuery Ajax show new data from successful insert?
  46. wp_mail doesn’t work when logged in?
  47. Problems with wordpress nonces in Ajax call
  48. How to check nonce lifetime value of plugins?
  49. Ajax call in WordPress – unable to display the data on the page
  50. Get post content and show it in a div
  51. Output multi-steps form results in same page
  52. Full Front End, AJAX comment system and comment reply script
  53. Use AJAX in a WordPress Plugin to Get Data From Custom Database?
  54. Get cat parameter from admin-ajax
  55. admin-ajax.php returns 0 even when the post status code is 200 OK
  56. How to display contact form 7 form in vanilla js without jquery in frontend
  57. Display full WordPress post under search form using AJAX
  58. WordPress Select Option Load Custom Fields
  59. Uncaught TypeError: Cannot read properties of undefined (reading ‘message’) [closed]
  60. WordPress AJAX Request returns 400
  61. Fetch value using AJAX in WordPress
  62. Query data after an Ajax insert
  63. AJAX not working when clicking load more button, when two terms are present in tax_query
  64. Search live Ajax
  65. javascript onClick update user_meta from jquery.ajax
  66. WordPress POST AJAX call, var_dump($_POST) NULL and AJAX response empty when inside ob_start
  67. Can I use application/json content type in WordPress
  68. jQuery.post returns 0
  69. Opening Modal popup on Ajax form submission
  70. Ajax sometimes work and sometimes just don’t work
  71. My function containing a mysql query launched by ajax is not working in wordpress. What am I missing?
  72. jQuery ajax method does not return data
  73. JS global variable doesn’t update
  74. 400 Bad Request getting on AJAX Call
  75. jQuery AJAX url wit variable
  76. Updating Jquery object with newly created elements after AJAX call
  77. How to pass array from jQuery to PHP with AJAX in WordPress?
  78. Download doccument on server rather than clients browser
  79. wordpress admin ajax trash_comment
  80. AJAX POST Value not being returned – WordPress – AutoTrader API
  81. Javascript output now showing in custom widget
  82. Many buttons not functioning in WordPress dashboard (as admin)
  83. Can’t get next post info with ajax
  84. How to inject data content from external json into a modal, using UIkit?
  85. Ajax by worpdress affects called jquery inside template file
  86. WorddPress website admin part not working correctly – I think ajax/json issue
  87. defined (‘ABSPATH’) false after AJAX post to other PHP-file
  88. Is not using admin-ajax to ajax submissions okay?
  89. Weird admin-ajax.php problem
  90. WordPress Get Header and Footer using in Admin Area
  91. get_comments() returns empty array if called through AJAX
  92. WordPress sound bell when new data will add
  93. Can’t access data from database using AJAX
  94. WordPress blocking polling request when signed into Admin
  95. WordPress Ajax send response on every iteration of a loop
  96. Custom WP rest api endpoint only working on non https?
  97. Bad Request 400… jQuery ajax post of json data to wordpress admin-ajax.php
  98. How to update my jquery/PHP function to add/remove user as favorites in (WordPress) users list
  99. AJAX call not initializing for non-admins in WordPress
  100. randomly get 400 error while user is logged in wp_ajax

Leave a Comment