Theme Installer: Revert to proxying through PHP for WordPress.org API requests.
This is to ensure we have valid installation nonces, though we've run into this as a problem previously (see #27639, #27581, #27055). A tad slower, but we gained speed in 3.9 by simplifying the request made to the API. props ocean90. fixes #27798. Built from https://develop.svn.wordpress.org/trunk@28126 git-svn-id: http://core.svn.wordpress.org/trunk@27957 1a063a9b-81f0-0310-95a4-ce76da25c4cd
This commit is contained in:
Andrew Nacin
@@ -2204,3 +2204,48 @@ function wp_ajax_save_user_color_scheme() {
|
||||
update_user_meta( get_current_user_id(), 'admin_color', $color_scheme );
|
||||
wp_send_json_success();
|
||||
}
|
||||
|
||||
/**
|
||||
* Get themes from themes_api().
|
||||
*
|
||||
* @since 3.9.0
|
||||
*/
|
||||
function wp_ajax_query_themes() {
|
||||
global $themes_allowedtags, $theme_field_defaults;
|
||||
|
||||
if ( ! current_user_can( 'install_themes' ) ) {
|
||||
wp_send_json_error();
|
||||
}
|
||||
|
||||
$args = wp_parse_args( wp_unslash( $_REQUEST['request'] ), array(
|
||||
'per_page' => 20,
|
||||
'fields' => $theme_field_defaults
|
||||
) );
|
||||
|
||||
$old_filter = isset( $args['browse'] ) ? $args['browse'] : 'search';
|
||||
|
||||
/** This filter is documented in wp-admin/includes/class-wp-theme-install-list-table.php */
|
||||
$args = apply_filters( 'install_themes_table_api_args_' . $old_filter, $args );
|
||||
|
||||
$api = themes_api( 'query_themes', $args );
|
||||
|
||||
if ( is_wp_error( $api ) ) {
|
||||
wp_send_json_error();
|
||||
}
|
||||
|
||||
$update_php = self_admin_url( 'update.php?action=install-theme' );
|
||||
foreach ( $api->themes as &$theme ) {
|
||||
$theme->install_url = add_query_arg( array(
|
||||
'theme' => $theme->slug,
|
||||
'_wpnonce' => wp_create_nonce( 'install-theme_' . $theme->slug )
|
||||
), $update_php );
|
||||
|
||||
$theme->name = wp_kses( $theme->name, $themes_allowedtags );
|
||||
$theme->author = wp_kses( $theme->author, $themes_allowedtags );
|
||||
$theme->version = wp_kses( $theme->version, $themes_allowedtags );
|
||||
$theme->description = wp_kses( $theme->description, $themes_allowedtags );
|
||||
$theme->num_ratings = sprintf( _n( '(based on %s rating)', '(based on %s ratings)', $theme->num_ratings ), number_format_i18n( $theme->num_ratings ) );
|
||||
}
|
||||
|
||||
wp_send_json_success( $api );
|
||||
}
|
||||
|
||||
@@ -346,7 +346,9 @@ function themes_api( $action, $args = null ) {
|
||||
$request = wp_remote_post( $url, $args );
|
||||
|
||||
if ( $ssl && is_wp_error( $request ) ) {
|
||||
trigger_error( __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href="https://wordpress.org/support/">support forums</a>.' ) . ' ' . '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)', headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE );
|
||||
if ( ! defined( 'DOING_AJAX' ) || ! DOING_AJAX ) {
|
||||
trigger_error( __( 'An unexpected error occurred. Something may be wrong with WordPress.org or this server’s configuration. If you continue to have problems, please try the <a href="https://wordpress.org/support/">support forums</a>.' ) . ' ' . '(WordPress could not establish a secure connection to WordPress.org. Please contact your server administrator.)', headers_sent() || WP_DEBUG ? E_USER_WARNING : E_USER_NOTICE );
|
||||
}
|
||||
$request = wp_remote_post( $http_url, $args );
|
||||
}
|
||||
|
||||
@@ -452,4 +454,4 @@ function wp_prepare_themes_for_js( $themes = null ) {
|
||||
*/
|
||||
$prepared_themes = apply_filters( 'wp_prepare_themes_for_js', $prepared_themes );
|
||||
return array_values( $prepared_themes );
|
||||
}
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user