Support » Themes and Templates » Theme redirects ajax requests for users that are not logged in

  • Resolved sinetheta


    Hi, I am wondering if anyone knows how a theme might be able to interfere with ajax requests.

    I have a plugin which works fine in any other theme (including Directorypress 6.3.2) but I recently installed classifiedstheme 7.0.2 on a new wordpress 3.3.1 install and the plugin now does not work for users who are not logged in.

    The plugin has two ajax actions:

    add_action( 'wp_ajax_em_ajax_getEvents', 'em_ajax_getEvents' ); // ajax for logged in users
    add_action( 'wp_ajax_nopriv_em_ajax_getEvents', 'em_ajax_getEvents' ); // ajax for not logged in users

    When a user is not logged in they see the following:

    POST http://<server>/wp-admin/admin-ajax.php 302 Moved Temporarily 999ms
    GET http://<server>/ 200 OK 441ms

    But of course they receive no information because the root certainly has no idea how to deal with that request. Any ideas how classifiedstheme might be causing that ajax call to redirect?

Viewing 7 replies - 1 through 7 (of 7 total)
  • esmi


    Forum Moderator

    As this is a commercial theme, you need to seek support from the theme’s vendors.

    Fair enough, I was really just hoping for how a theme might be able to get in the way of a an ajax request like this, so that I could search it out in the source myself.

    SOLUTION: the theme was using an ‘init’ hook to protect its admin area, but this was also redirecting anonymous ajax requests. When I can find a safe way to disable this without compromising the admin area I will post.

    // stop users accessing the admin
    add_action('init', array( $this, 'prevent_admin_access' ), 0);
    function prevent_admin_access() {       
        if (strpos(strtolower($_SERVER['REQUEST_URI']), '/wp-admin') !== false) {
            $current_user = wp_get_current_user(); 
            if(!user_can($current_user->ID, 'administrator') && ( !user_can($current_user->ID, 'contributor') ) ){

    Any solution yet?

    The author of Classifieds Theme updated the theme to patch the problem. Are you experiencing a similar problem?

    Yes I am, but with a different theme. Do you know what the patch is?

    Well the “patch” is to not highjack the ajax requests like this theme was doing. I imagine he just found a better way to protect his admin area. I can’t really suggest a fix though, since in this theme all you would need to do is remove the hook noted above.
    I would recommend searching for add_action('init' or /wp-admin in your theme to see if it’s the same problem, if yes, decide how else to do whatever those lines are doing instead of just wholesale blocking access to the admin files of WP.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Theme redirects ajax requests for users that are not logged in’ is closed to new replies.