ajax.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
<?php
/*=====================================================
SCRIPT CONFIGURATION FILE
*=====================================================*/
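define("DOING_AJAX", true);

// The Origin request header is client-controlled and is absent on most
// same-origin and non-browser requests, so read it defensively instead of
// indexing $_SERVER directly (which raises an "undefined key" warning).
$origin = isset($_SERVER['HTTP_ORIGIN']) && is_string($_SERVER['HTTP_ORIGIN'])
    ? $_SERVER['HTTP_ORIGIN']
    : '';

// Only answer with a CORS header when the value parses as an http(s) origin.
// Previously a value that did not match the pattern (for example the literal
// "null" sent by sandboxed documents) was passed through preg_replace()
// unchanged and echoed back verbatim.
$mainDomain = '';
if (preg_match('/^https?:\/\/([^\/]+).*$/', $origin, $originParts) === 1) {
    $mainDomain = $originParts[1];
    // NOTE(review): the value sent is the bare host with the scheme stripped.
    // Browsers compare Access-Control-Allow-Origin against the full origin
    // (scheme://host[:port]), so this header does not currently grant
    // cross-origin read access. If it is ever changed to send the full origin,
    // compare $origin against an explicit allow-list first; echoing back
    // whatever the client sent would open every AJAX action to any website.
    header("Access-Control-Allow-Origin: $mainDomain");
    // The response now depends on the request's Origin, so caches must key on it.
    header('Vary: Origin', false);
}
require_once realpath(__DIR__) . '/load.php';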
/*=====================================================
HANDLING VALID AJAX
*=====================================================*/
// Refuse the request unless a usable `action` was supplied. empty() is true
// for a missing key as well as for '', '0' and an empty array, so it covers
// the "not set" case on its own; is_scalar() then rejects array input such
// as action[]=x before the value is interpolated into a hook name.
if ( empty( $_REQUEST['action'] ) || ! is_scalar( $_REQUEST['action'] ) ) {
    header('HTTP/1.1 500 Internal Server Error');
    die('0');
}
/*=====================================================
INCLUDE TOOL FUNCTIONS.PHP FILE
*=====================================================*/
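if ( ! empty( $_REQUEST['tool'] ) ) {
    // `tool` comes straight from the request and is spliced into an include
    // path. Without a containment check, a value containing "../" segments
    // would let the caller load a functions.php from outside the tools
    // directory. Resolve the path and only include it when the real location
    // is still under TOOLS_PATH.
    $tool      = $_REQUEST['tool'];
    $toolsRoot = realpath( TOOLS_PATH );
    if (
        is_string( $tool )                  // array input (tool[]=x) is rejected
        && strpos( $tool, "\0" ) === false  // NUL bytes are never valid in a path
        && $toolsRoot !== false
    ) {
        $toolfunc         = TOOLS_PATH . $tool . "/functions.php";
        // realpath() returns false when the file does not exist, so it also
        // stands in for the previous file_exists() test.
        $resolvedToolfunc = realpath( $toolfunc );
        $rootPrefix       = rtrim( $toolsRoot, '/\\' ) . DIRECTORY_SEPARATOR;
        if (
            $resolvedToolfunc !== false
            && strncmp( $resolvedToolfunc, $rootPrefix, strlen( $rootPrefix ) ) === 0
        ) {
            require_once $resolvedToolfunc;
        }
    }
} else if ( ! empty( $_REQUEST['install'] ) ) {
    // The value of `install` is not used; its presence alone selects the
    // installer's AJAX handler at a fixed path.
    // NOTE(review): this include runs before any login check in this file.
    // Confirm that the installer handler refuses to run once the site is
    // installed, or gate it here.
    $ajaxFile = get_site_path() . "admin_file/install/ajax.php";
    if ( file_exists( $ajaxFile ) ) {
        include $ajaxFile;
    } else {
        ast_send_json(array(
            "success" => false,
            "message" => "Installation File is mising!!!"
        ));
    }
}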
/*=====================================================
HANDLING AJAX FOR LOGIN AND NON LOGIN USERS
*=====================================================*/
// Dispatch the request to the hook registered for this action. Logged-in
// users are routed to "ajax/req/<action>", everyone else to
// "ajax/req/nologin/<action>"; a request whose hook has no handler is
// rejected before anything runs.
$action     = $_REQUEST['action'];
$isLoggedIn = is_user_loggin();
$hook       = $isLoggedIn ? "ajax/req/{$action}" : "ajax/req/nologin/{$action}";

if ( ! has_action( $hook ) ) {
    header('HTTP/1.1 500 Internal Server Error');
    die('Incorrect Ajax Setup');
}

// NOTE(review): CSRF validation for the anonymous path is disabled (kept
// below as it was), and this file performs no CSRF check on the logged-in
// path either. Unless every registered handler verifies a token itself,
// state-changing actions can be triggered by a cross-site request made in a
// visitor's browser. Confirm where the token check lives before relying on
// these endpoints.
//
// CSRF VALIDATION FOR NON LOGIN USERS
// if( ! csrf_validate() ){
//     header('HTTP/1.1 500 Internal Server Error');
//     die('csrf Error!!!');
// }
do_action( $hook );

// Fallback response when the handler returns without terminating the request.
die('0');