How can I change that code to be safe in WP?
public static function isAJAX( ) {
return isset( $_SERVER[‘HTTP_X_REQUESTED_WITH’] ) and ( $_SERVER[‘HTTP_X_REQUESTED_WITH’] == ‘XMLHttpRequest’ );
}
“DOING_AJAX” didn’t work. Becuase, I check if a page content called via AJAX or opened normally.
kotofey
2
I’m not sure I understood your question correctly but I think you need to look at WordPress Nonces and check_ajax_referer() function
ewizz
3
or simply use some variable only in ajax calls and check if it’s set
I think, I’ll use a variable to solve that issue. WP nonce is for security of AJAX fields generally.
I tried it. But, didn’t work. I’ll add a variable to the url.