Looking at the WordPress source code, I’d say that wp_ajax_nopriv_* fires only if you’re not logged in, and wp_ajax_* fires otherwise. Here’s the relevant bit, in admin-ajax.php, lines 85-115 in version 5.0.3: if ( is_user_logged_in() ) { // If no action is registered, return a Bad Request response. if ( ! has_action( ‘wp_ajax_’ . $_REQUEST[‘action’] … Read more
Sometimes I have a 500 error ( from NGinx ) just because I have a “character” getting outputted before the first header gets written ( or in-between ). Activate WP_DEBUG = true and see what happens. 99% of the case I could spot the error from there. ( and it was nearly all the time … Read more
Based on your question, I assume this is the plugin you are using to enable SSL: WordPress HTTPS. Considering that the plugin hasn’t been updated in two years and their support questions haven’t been resolved, there may be some compatibility issues with the latest version of WordPress (4.6 at the time of this writing). My … Read more
I know this question is ancient, but no, it’s not very secure. Anyone with knowledge of the AJAX endpoint would be able to generate valid nonces, which defeats the purpose in the first place. That being said, nonces are a low level defence in the first place: they only stop the simplest of attacks. A … Read more
are we talking about the single product view or the product archive pages (shop,categories)? because the text beside the checkbox/option states, roughly translated: »activate ajax-checkout-button on product archive pages« and on all the installations i did so for, that is the way its working – ajax checkout on the archives, but not on the single … Read more
Use jQuerys getJSON in the autocompletes source method and use WordPress’ admin-ajax.php to handle the request, to avoid having to find wp-load.php (which may have been moved) and would load WordPress on every request. First of all: get the ajax url of your WordPress blog: This is simple: admin_url( ‘admin-ajax.php’ ) But, we want this … Read more
Each of these have their own advantages and disadvantages. You might need to choose one over another, based on your needs. They are both well secured, otherwise they wouldn’t exist in the core. REST-API, The modern and well known API The REST API was added to ( or better say, combined with ) the core … Read more
What you’re experiencing (AJAX works locally, but not on the server) there is a delay problem. Locally everything works that fast, that you can’t see your problem. In short, this is your problem: AJAX callback (A) executes > AJAX Callback (B) doesn’t know that it has to wait for (A) > You can’t see the … Read more
it is too late but for public use: /* if qTranslate is installed */ /* set front locale for ajax calls requested from front-end */ function set_locale_for_frontend_ajax_calls() { if ( is_admin() && defined( ‘DOING_AJAX’ ) && DOING_AJAX && substr( $_SERVER[‘HTTP_REFERER’], 0, strlen( admin_url() ) ) != admin_url() ) { load_theme_textdomain( ‘your-theme-domain-name’, get_template_directory() . ‘/languages’ ); … Read more
I add one function wp_set_current_user for setting up current user. add_action( ‘wp_ajax_facebook_login’, ‘facebook_ajax_login_or_register’ ); add_action( ‘wp_ajax_nopriv_facebook_login’, ‘facebook_ajax_login_or_register’ ); function facebook_ajax_login_or_register(){ $uid = sanitize_text_field( $_POST[‘uid’] ); $args = array( ‘meta_key’ => ‘fbuid’, ‘meta_value’ => $uid, ‘meta_compare’ => ‘=’, ); $fb_user = get_users($args); $current_user_id = $fb_user[0]; wp_set_current_user($current_user_id);//Set current user wp_set_auth_cookie( $current_user_id, true ); $response[success] = true; echo … Read more