How can I change that code to be safe in WP?
public static function isAJAX( ) {
return isset( $_SERVER[‘HTTP_X_REQUESTED_WITH’] ) and ( $_SERVER[‘HTTP_X_REQUESTED_WITH’] == ‘XMLHttpRequest’ );
}
“DOING_AJAX” didn’t work. Becuase, I check if a page content called via AJAX or opened normally.
I’m not sure I understood your question correctly but I think you need to look at WordPress Nonces and check_ajax_referer() function
or simply use some variable only in ajax calls and check if it’s set
I think, I’ll use a variable to solve that issue. WP nonce is for security of AJAX fields generally.
This is from WooCommerce:
https://docs.woocommerce.com/wc-apidocs/source-function-is_ajax.html#245-252
I tried it. But, didn’t work. I’ll add a variable to the url.