session cookie in AJAX request

mortydot
(@mortydot)

13 years, 3 months ago
Hi,

I’m currently developing a front-end plugin that uses AJAX quite extensively. I’ve developed back-end plugins before and never had any problems with AJAX there, but it is killing me in the front-end.

I use this code to trigger the AJAX action:
```
add_action('wp_ajax_search', array('WPPictureTagFrontend', 'handleAjax'));
```
And call the action with this JQuery:
```
$.post(wnm_custom.url + "?action=save"
    			, {'data': form.serializeFormJSON(), 'cookie': encodeURIComponent(document.cookie)}
    			, function(data){...
```
wnm_custom.url is the correct URL, passed on by the JS i18n.

But when I try to do anything that requires the session cookie, WP doesn’t recognize the cookie. For instance when I do this:
```
if (is_user_logged_in())
				return true;
			else
				return false;
```
The statement returns false.

How do I allow JQuery to pass the session cookie in an AJAX request? I’ve ran out of ideas and frankly, I’ve haven’t seen somebody give a straightforward answer to this problem.

Viewing 3 replies - 1 through 3 (of 3 total)

Moderator bcworkz
(@bcworkz)

13 years, 3 months ago

I suggest structuring your AJAX calls as outlined in AJAX in Plugins. First off, you can determine whether the user is logged in or not by which action fires. That is all I’m certain of, the remainder here is speculation. It seems the session cookie gets handled properly using this approach or the admin-ajax.php page would not know which action to trigger. I would like to think related functions like is_user_logged_in() would also work properly with this approach. In addition, the contained cookie values should be available in $_COOKIES should you have other needs from the session cookie.

Whether my speculations turn out to be true or not, I’m sure you will get more consistent results with AJAX in WP by channeling all calls through admin-ajax.php and hooking the action in part defined by the action value passed by $.post(), all as outlined in the previous link.
Thread Starter mortydot
(@mortydot)

13 years, 3 months ago
Hi bcworkz,

Thanks for your response!

I’ve read the link you send before I posted here, and handled the request (as far as I can see) per the standard in the codex page. I just noticed that I copy-pasted the wrong line, but I use admin-ajax.php to route my AJAX request. Apart from that, the only difference between my implementation and the codex page was that I passed the action in the get data, not the post data. I changed the action to the post data, but it doesn’t handle anything different. Admin-ajax.php still routes my request correctly.

I’ve var_dump’ed the $_COOKIE, and it results in the following:
```
array(5) {
  ["wordpress_test_cookie"]=>
  string(15) "WP Cookie check"
  ["PHPSESSID"]=>
  string(26) "rfqulphohnpoce22q92q8hp921"
  ["wordpress_c9ffd64810c5b308bbb557f8d5405caa"]=>
  string(54) "mortydot|1362656856|bec964e372381db3b52acb331fcda431"
  ["wordpress_logged_in_c9ffd64810c5b308bbb557f8d5405caa"]=>
  string(54) "mortydot|1362656856|49fc774f3869070751773ed768d61ede"
  ["wp-settings-time-7"]=>
  string(10) "1362491907"
}
```
This makes me conclude that the cookie is passed correctly. Still the question remains: why doesn’t wordpress handle the cookie correctly?

Thanks for any help in advance!
Moderator bcworkz
(@bcworkz)

13 years, 3 months ago

Thanks for clarifying. At least we have narrowed down where the issue is occurring. It is indeed puzzling. If you look at the source code for admin-ajax.php, we see is_user_logged_in() is used to determine which ‘wp_action…’ action to trigger. Since you hooked ‘wp_action_search’ and it is presumably firing, that means is_user_logged_in() MUST have returned true! Yet in your action callback, it is returning false. There is very little code between these instances, yet something has changed. Best I can tell, the global $current_user must have been corrupted somehow in between, as that is how the function determines whether to return true or false.

It doesn’t seem to be a cookie issue as the function works correctly the first time. BTW, for your callback to work with users that are not logged in, you must also hook the action ‘wp_ajax_nopriv_search’. There is also a discrepancy between the action data value “save” that is passed and the action callback tag “search”, which need to match. I assume this is part of the erroneous paste and you have resolved this, but if you haven’t, you’d better do so 🙂 Lastly, though it shouldn’t make any difference here, action values using solely common verbs like search and save make me nervous due to the danger of name collisions. You eliminate a potentially difficult to find error by using more obscure values like ‘mtydt_save’.

Hopefully this all helps you zero in on the source of this mystery. Good luck!

Viewing 3 replies - 1 through 3 (of 3 total)

The topic ‘session cookie in AJAX request’ is closed to new replies.

session cookie in AJAX request

Tags

Topics

Topics with no replies

Non-support topics

Resolved topics

Unresolved topics

All topics