Are 'wp_ajax' and 'wp_ajax_nopriv' exclusive to authenticated and non-authenticated users?












3















Basically what I'm asking is, is wp_ajax_nopriv exclusive to non-logged-in users?



Will a wp_ajax_nopriv action fire if a user is logged in?










share|improve this question





























    3















    Basically what I'm asking is, is wp_ajax_nopriv exclusive to non-logged-in users?



    Will a wp_ajax_nopriv action fire if a user is logged in?










    share|improve this question



























      3












      3








      3








      Basically what I'm asking is, is wp_ajax_nopriv exclusive to non-logged-in users?



      Will a wp_ajax_nopriv action fire if a user is logged in?










      share|improve this question
















      Basically what I'm asking is, is wp_ajax_nopriv exclusive to non-logged-in users?



      Will a wp_ajax_nopriv action fire if a user is logged in?







      ajax actions






      share|improve this question















      share|improve this question













      share|improve this question




      share|improve this question








      edited Jan 23 at 9:31









      fuxia

      92.4k13183363




      92.4k13183363










      asked Jan 22 at 22:18









      SwenSwen

      5542824




      5542824






















          2 Answers
          2






          active

          oldest

          votes


















          6














          Looking at the WordPress source code, I'd say that wp_ajax_nopriv_* fires only if you're not logged in, and wp_ajax_* fires otherwise.



          Here's the relevant bit, in admin-ajax.php, lines 85-115 in version 5.0.3:



          if ( is_user_logged_in() ) {
          // If no action is registered, return a Bad Request response.
          if ( ! has_action( 'wp_ajax_' . $_REQUEST['action'] ) ) {
          wp_die( '0', 400 );
          }

          /**
          * Fires authenticated Ajax actions for logged-in users.
          *
          * The dynamic portion of the hook name, `$_REQUEST['action']`,
          * refers to the name of the Ajax action callback being fired.
          *
          * @since 2.1.0
          */
          do_action( 'wp_ajax_' . $_REQUEST['action'] );
          } else {
          // If no action is registered, return a Bad Request response.
          if ( ! has_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] ) ) {
          wp_die( '0', 400 );
          }

          /**
          * Fires non-authenticated Ajax actions for logged-out users.
          *
          * The dynamic portion of the hook name, `$_REQUEST['action']`,
          * refers to the name of the Ajax action callback being fired.
          *
          * @since 2.8.0
          */
          do_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] );
          }


          So, if you're logged in (ie, is_user_logged_in() is true), it runs the wp_ajax_* action(s), otherwise it runs the wp_ajax_nopriv_* actions.



          If you want the same action run regardless whether your user is logged in or not, I'd recommend you hook to both wp_ajax_* and wp_ajax_nopriv_*.






          share|improve this answer































            3














            As per wp_ajax_(action) codex:




            This hook is functionally the same as wp_ajax_(action), except the
            "nopriv" variant is used for handling AJAX requests from
            unauthenticated users, i.e. when is_user_logged_in() returns false.




            is_user_logged_in() determines whether the current visitor is a logged in user. It will return true if user is logged in, false if not logged in.






            share|improve this answer























              Your Answer








              StackExchange.ready(function() {
              var channelOptions = {
              tags: "".split(" "),
              id: "110"
              };
              initTagRenderer("".split(" "), "".split(" "), channelOptions);

              StackExchange.using("externalEditor", function() {
              // Have to fire editor after snippets, if snippets enabled
              if (StackExchange.settings.snippets.snippetsEnabled) {
              StackExchange.using("snippets", function() {
              createEditor();
              });
              }
              else {
              createEditor();
              }
              });

              function createEditor() {
              StackExchange.prepareEditor({
              heartbeatType: 'answer',
              autoActivateHeartbeat: false,
              convertImagesToLinks: false,
              noModals: true,
              showLowRepImageUploadWarning: true,
              reputationToPostImages: null,
              bindNavPrevention: true,
              postfix: "",
              imageUploader: {
              brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
              contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
              allowUrls: true
              },
              onDemand: true,
              discardSelector: ".discard-answer"
              ,immediatelyShowMarkdownHelp:true
              });


              }
              });














              draft saved

              draft discarded


















              StackExchange.ready(
              function () {
              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fwordpress.stackexchange.com%2fquestions%2f326387%2fare-wp-ajax-and-wp-ajax-nopriv-exclusive-to-authenticated-and-non-authentica%23new-answer', 'question_page');
              }
              );

              Post as a guest















              Required, but never shown

























              2 Answers
              2






              active

              oldest

              votes








              2 Answers
              2






              active

              oldest

              votes









              active

              oldest

              votes






              active

              oldest

              votes









              6














              Looking at the WordPress source code, I'd say that wp_ajax_nopriv_* fires only if you're not logged in, and wp_ajax_* fires otherwise.



              Here's the relevant bit, in admin-ajax.php, lines 85-115 in version 5.0.3:



              if ( is_user_logged_in() ) {
              // If no action is registered, return a Bad Request response.
              if ( ! has_action( 'wp_ajax_' . $_REQUEST['action'] ) ) {
              wp_die( '0', 400 );
              }

              /**
              * Fires authenticated Ajax actions for logged-in users.
              *
              * The dynamic portion of the hook name, `$_REQUEST['action']`,
              * refers to the name of the Ajax action callback being fired.
              *
              * @since 2.1.0
              */
              do_action( 'wp_ajax_' . $_REQUEST['action'] );
              } else {
              // If no action is registered, return a Bad Request response.
              if ( ! has_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] ) ) {
              wp_die( '0', 400 );
              }

              /**
              * Fires non-authenticated Ajax actions for logged-out users.
              *
              * The dynamic portion of the hook name, `$_REQUEST['action']`,
              * refers to the name of the Ajax action callback being fired.
              *
              * @since 2.8.0
              */
              do_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] );
              }


              So, if you're logged in (ie, is_user_logged_in() is true), it runs the wp_ajax_* action(s), otherwise it runs the wp_ajax_nopriv_* actions.



              If you want the same action run regardless whether your user is logged in or not, I'd recommend you hook to both wp_ajax_* and wp_ajax_nopriv_*.






              share|improve this answer




























                6














                Looking at the WordPress source code, I'd say that wp_ajax_nopriv_* fires only if you're not logged in, and wp_ajax_* fires otherwise.



                Here's the relevant bit, in admin-ajax.php, lines 85-115 in version 5.0.3:



                if ( is_user_logged_in() ) {
                // If no action is registered, return a Bad Request response.
                if ( ! has_action( 'wp_ajax_' . $_REQUEST['action'] ) ) {
                wp_die( '0', 400 );
                }

                /**
                * Fires authenticated Ajax actions for logged-in users.
                *
                * The dynamic portion of the hook name, `$_REQUEST['action']`,
                * refers to the name of the Ajax action callback being fired.
                *
                * @since 2.1.0
                */
                do_action( 'wp_ajax_' . $_REQUEST['action'] );
                } else {
                // If no action is registered, return a Bad Request response.
                if ( ! has_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] ) ) {
                wp_die( '0', 400 );
                }

                /**
                * Fires non-authenticated Ajax actions for logged-out users.
                *
                * The dynamic portion of the hook name, `$_REQUEST['action']`,
                * refers to the name of the Ajax action callback being fired.
                *
                * @since 2.8.0
                */
                do_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] );
                }


                So, if you're logged in (ie, is_user_logged_in() is true), it runs the wp_ajax_* action(s), otherwise it runs the wp_ajax_nopriv_* actions.



                If you want the same action run regardless whether your user is logged in or not, I'd recommend you hook to both wp_ajax_* and wp_ajax_nopriv_*.






                share|improve this answer


























                  6












                  6








                  6







                  Looking at the WordPress source code, I'd say that wp_ajax_nopriv_* fires only if you're not logged in, and wp_ajax_* fires otherwise.



                  Here's the relevant bit, in admin-ajax.php, lines 85-115 in version 5.0.3:



                  if ( is_user_logged_in() ) {
                  // If no action is registered, return a Bad Request response.
                  if ( ! has_action( 'wp_ajax_' . $_REQUEST['action'] ) ) {
                  wp_die( '0', 400 );
                  }

                  /**
                  * Fires authenticated Ajax actions for logged-in users.
                  *
                  * The dynamic portion of the hook name, `$_REQUEST['action']`,
                  * refers to the name of the Ajax action callback being fired.
                  *
                  * @since 2.1.0
                  */
                  do_action( 'wp_ajax_' . $_REQUEST['action'] );
                  } else {
                  // If no action is registered, return a Bad Request response.
                  if ( ! has_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] ) ) {
                  wp_die( '0', 400 );
                  }

                  /**
                  * Fires non-authenticated Ajax actions for logged-out users.
                  *
                  * The dynamic portion of the hook name, `$_REQUEST['action']`,
                  * refers to the name of the Ajax action callback being fired.
                  *
                  * @since 2.8.0
                  */
                  do_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] );
                  }


                  So, if you're logged in (ie, is_user_logged_in() is true), it runs the wp_ajax_* action(s), otherwise it runs the wp_ajax_nopriv_* actions.



                  If you want the same action run regardless whether your user is logged in or not, I'd recommend you hook to both wp_ajax_* and wp_ajax_nopriv_*.






                  share|improve this answer













                  Looking at the WordPress source code, I'd say that wp_ajax_nopriv_* fires only if you're not logged in, and wp_ajax_* fires otherwise.



                  Here's the relevant bit, in admin-ajax.php, lines 85-115 in version 5.0.3:



                  if ( is_user_logged_in() ) {
                  // If no action is registered, return a Bad Request response.
                  if ( ! has_action( 'wp_ajax_' . $_REQUEST['action'] ) ) {
                  wp_die( '0', 400 );
                  }

                  /**
                  * Fires authenticated Ajax actions for logged-in users.
                  *
                  * The dynamic portion of the hook name, `$_REQUEST['action']`,
                  * refers to the name of the Ajax action callback being fired.
                  *
                  * @since 2.1.0
                  */
                  do_action( 'wp_ajax_' . $_REQUEST['action'] );
                  } else {
                  // If no action is registered, return a Bad Request response.
                  if ( ! has_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] ) ) {
                  wp_die( '0', 400 );
                  }

                  /**
                  * Fires non-authenticated Ajax actions for logged-out users.
                  *
                  * The dynamic portion of the hook name, `$_REQUEST['action']`,
                  * refers to the name of the Ajax action callback being fired.
                  *
                  * @since 2.8.0
                  */
                  do_action( 'wp_ajax_nopriv_' . $_REQUEST['action'] );
                  }


                  So, if you're logged in (ie, is_user_logged_in() is true), it runs the wp_ajax_* action(s), otherwise it runs the wp_ajax_nopriv_* actions.



                  If you want the same action run regardless whether your user is logged in or not, I'd recommend you hook to both wp_ajax_* and wp_ajax_nopriv_*.







                  share|improve this answer












                  share|improve this answer



                  share|improve this answer










                  answered Jan 22 at 22:29









                  Pat JPat J

                  6,62311931




                  6,62311931

























                      3














                      As per wp_ajax_(action) codex:




                      This hook is functionally the same as wp_ajax_(action), except the
                      "nopriv" variant is used for handling AJAX requests from
                      unauthenticated users, i.e. when is_user_logged_in() returns false.




                      is_user_logged_in() determines whether the current visitor is a logged in user. It will return true if user is logged in, false if not logged in.






                      share|improve this answer




























                        3














                        As per wp_ajax_(action) codex:




                        This hook is functionally the same as wp_ajax_(action), except the
                        "nopriv" variant is used for handling AJAX requests from
                        unauthenticated users, i.e. when is_user_logged_in() returns false.




                        is_user_logged_in() determines whether the current visitor is a logged in user. It will return true if user is logged in, false if not logged in.






                        share|improve this answer


























                          3












                          3








                          3







                          As per wp_ajax_(action) codex:




                          This hook is functionally the same as wp_ajax_(action), except the
                          "nopriv" variant is used for handling AJAX requests from
                          unauthenticated users, i.e. when is_user_logged_in() returns false.




                          is_user_logged_in() determines whether the current visitor is a logged in user. It will return true if user is logged in, false if not logged in.






                          share|improve this answer













                          As per wp_ajax_(action) codex:




                          This hook is functionally the same as wp_ajax_(action), except the
                          "nopriv" variant is used for handling AJAX requests from
                          unauthenticated users, i.e. when is_user_logged_in() returns false.




                          is_user_logged_in() determines whether the current visitor is a logged in user. It will return true if user is logged in, false if not logged in.







                          share|improve this answer












                          share|improve this answer



                          share|improve this answer










                          answered Jan 22 at 22:29









                          Kashif RafiqueKashif Rafique

                          263111




                          263111






























                              draft saved

                              draft discarded




















































                              Thanks for contributing an answer to WordPress Development Stack Exchange!


                              • Please be sure to answer the question. Provide details and share your research!

                              But avoid



                              • Asking for help, clarification, or responding to other answers.

                              • Making statements based on opinion; back them up with references or personal experience.


                              To learn more, see our tips on writing great answers.




                              draft saved


                              draft discarded














                              StackExchange.ready(
                              function () {
                              StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fwordpress.stackexchange.com%2fquestions%2f326387%2fare-wp-ajax-and-wp-ajax-nopriv-exclusive-to-authenticated-and-non-authentica%23new-answer', 'question_page');
                              }
                              );

                              Post as a guest















                              Required, but never shown





















































                              Required, but never shown














                              Required, but never shown












                              Required, but never shown







                              Required, but never shown

































                              Required, but never shown














                              Required, but never shown












                              Required, but never shown







                              Required, but never shown







                              Popular posts from this blog

                              mysqli_query(): Empty query in /home/lucindabrummitt/public_html/blog/wp-includes/wp-db.php on line 1924

                              How to change which sound is reproduced for terminal bell?

                              Can I use Tabulator js library in my java Spring + Thymeleaf project?