Private Access Private Access

This function’s access is marked private. This means it is not intended for use by plugin or theme developers, only in other core functions. It is listed here for completeness.

Summery Summery

Add magic quotes to $_GET, $_POST, $_COOKIE, and $_SERVER.

Syntax Syntax


Description Description

Also forces $_REQUEST to be $_GET + $_POST. If $_SERVER, $_COOKIE, or $_ENV are needed, use those superglobals directly.

Source Source

File: wp-includes/load.php


	$actions_to_protect = array(
		'edit-theme-plugin-file', // Saving changes in the core code editor.
		'heartbeat',              // Keep the heart beating.
		'install-plugin',         // Installing a new plugin.
		'install-theme',          // Installing a new theme.
		'search-plugins',         // Searching in the list of plugins.
		'search-install-plugins', // Searching for a plugin in the plugin install screen.
		'update-plugin',          // Update an existing plugin.
		'update-theme',           // Update an existing theme.

	 * Filters the array of protected Ajax actions.
	 * This filter is only fired when doing Ajax and the Ajax request has an 'action' property.
	 * @since 5.2.0
	 * @param string[] $actions_to_protect Array of strings with Ajax actions to protect.


Changelog Changelog

Version Description
3.0.0 Introduced.


Leave a Reply