How to modify header data for admin pages?

(@abatap)

Hello. I need to remove one of the GET parameters from client’s browser address bar to prevent duplicate operation. As far as I understand, the only way to do this server-side is to edit the Location header.

Here is a code snippet which is a part of an Order List page in WP Admin panel:

//display the contents of selected order
if (isset($_GET['show_order'])) {

    //see if our user clicked "mark this order processed"
    if (isset($_GET['mark_as_processed'])) {

      //update order status via custom function that uses $wpdb->update
      update_order($_GET['mark_as_processed'], 'Processed');

      //removing the mark_as_processed parameter from client's address bar
      //doesn't do anything
      add_action('send_headers', function() { header('Location: '.$_SERVER['HTTP_REFERER']); });

      //doesn't do anything either, probably because wp_headers isn't called for admin pages
      add_filter('wp_headers', function($headers) { $headers['Location'] = $_SERVER['HTTP_REFERER']; return $headers; });

      //wouldn't work too, obviosuly
      header('Location: '.$_SERVER['HTTP_REFERER']);
    }
}

Could anyone tell me what is wrong with my approach here? Note that the HTTP_REFERER global contains precisely what I need in this situation so it’s certainly not an issue here. The problem is that these add_filter or add_action functions don’t seem to perform any sort of operation on the headers being sent.

Viewing 2 replies - 1 through 2 (of 2 total)

yorman
(@yorman)

10 years, 11 months ago

I find the official WordPress documentation incomplete for several functions, actions and filters, so I generally suggest to read the source code, it helps to fix the majority of the issues that people post in these forums.

For instance, if you read the definition of the “send_headers” function [1] you will see that there is an exit point when the HTTP status code is equals to “403”, “500”, “502”, or “503”; or when the “E-tag” of the page is not different to the one stored by the client. You can also learn that the “wp_headers” filter is being called before the “send_headers” action, so my first attempt to fix the issue would be to switch positions of those two lines of code.

Warning. Be careful when using HTTP headers that start with the “HTTP_” prefix, they can be easily tampered, and you may end up opening major security holes in your website.

I hope you can find the solution reading that code.

[1] https://core.trac.ww.wp.xz.cn/browser/tags/4.2.2/src//wp-includes/class-wp.php#L336

Thread Starter Abatap
(@abatap)

10 years, 11 months ago

Apparently, switching positions of these function calls doesn’t really change anything. They still don’t produce any effect whatsoever. And to be honest, I have only put all three of them for the sake of a code snippet demonstration in my post. There must me something terribly wrong with how and possibly from where I call them. Although, I’ve successfully used a bunch of other filters and everything works as expected and described in the WP codex.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘How to modify header data for admin pages?’ is closed to new replies.

How to modify header data for admin pages?

Tags

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics