Question

I have a plugin that restricts the categories users can view/edit in the admin. All works fine in WordPress 3.0.1, but as I started testing 3.1 I noticed that the category filter, which is AJAX, allows you to bypass the restrictions. I'm able to filter this out in 3.0.1 because it's submitted via URL parameters. My trouble is being able to $_GET the 'cat' parameter from the new AJAX request. I have tried testing for $_SERVER['HTTP_X_REQUESTED_WITH'], but it doesn't register.

I've asked this question on the wp-hackers mailing list, but no one can give me actual code that helps with my predicament.


Solution

For excluding terms of a taxonomy, the better way to do that would be to use the hook that was created for doing term exclusions: list_terms_exclusions

Get the available categories using get_terms (get_categories calls get_terms anyway IIRC), and do your exclusions using a hook on list_terms_exclusions and your code should work as expected.

You can see the hook I'm referring to on line 1040. http://core.trac.wordpress.org/browser/trunk/wp-includes/taxonomy.php

NOTE: Your plugin does not have a sanitization callback function when it calls register_setting; your options won't get sanitized properly without one. I'd strongly advise you declare a callback function and sanitize the data as appropriate (especially if you're passing that saved data into queries).
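The two points in the answer above, combined in an added example that is not part of the original answer or the asker's plugin: a `list_terms_exclusions` filter that hides categories, fed by an option that is sanitized through a `register_setting` callback. The option name, settings group, function names and the rule that administrators are unrestricted are assumptions made for illustration.

```php
<?php
// Added example. Option, group and function names are hypothetical.
define( 'MYPLUGIN_OPTION', 'myplugin_hidden_cats' );

/**
 * Sanitization callback for register_setting(): reduce whatever was
 * submitted to a list of unique, positive integer term IDs.
 */
function myplugin_sanitize_hidden_cats( $input ) {
    if ( ! is_array( $input ) ) {
        return array();
    }
    $ids = array_map( 'absint', $input );
    // array_filter() drops the zeros that absint() yields for junk input.
    return array_values( array_unique( array_filter( $ids ) ) );
}

function myplugin_register_settings() {
    register_setting( 'myplugin_options', MYPLUGIN_OPTION, 'myplugin_sanitize_hidden_cats' );
}
add_action( 'admin_init', 'myplugin_register_settings' );

/**
 * Append a NOT IN clause to the exclusions SQL fragment that get_terms()
 * builds. $taxonomies is passed by current WordPress releases; it defaults
 * to an empty array here in case the filter is called without it.
 */
function myplugin_exclude_terms( $exclusions, $args, $taxonomies = array() ) {
    // is_admin() is also true for admin-ajax.php requests.
    if ( ! is_admin() || ! in_array( 'category', (array) $taxonomies, true ) ) {
        return $exclusions;
    }
    if ( current_user_can( 'manage_options' ) ) {
        return $exclusions; // Assumption: administrators are unrestricted.
    }
    // Sanitize again on read, because the value is concatenated into SQL.
    $hidden = myplugin_sanitize_hidden_cats( get_option( MYPLUGIN_OPTION, array() ) );
    if ( empty( $hidden ) ) {
        return $exclusions;
    }
    return $exclusions . ' AND t.term_id NOT IN (' . implode( ',', $hidden ) . ')';
}
add_filter( 'list_terms_exclusions', 'myplugin_exclude_terms', 10, 3 );
```

Because the filter runs inside `get_terms`, the exclusion applies to every category list built through it, whether the request arrives as a normal page load or through AJAX.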

Licensed under: CC-BY-SA with attribution
Not affiliated with wordpress.stackexchange