Customizer: Gravefully handle cookie expipration. Prompt for log in in the preview. Props ocean90, koopersmith, nacin. fixes #20876

git-svn-id: https://develop.svn.wordpress.org/trunk@21031 602fd350-edb4-49c9-b593-d223f7449a82

wp-includes/class-wp-customize-manager.php

@@ -31,6 +31,8 @@ final class WP_Customize_Manager {
 		require( ABSPATH . WPINC . '/class-wp-customize-section.php' );
 		require( ABSPATH . WPINC . '/class-wp-customize-control.php' );
 
+		add_filter( 'wp_die_handler', array( $this, 'wp_die_handler' ) );
+
 		add_action( 'setup_theme',  array( $this, 'setup_theme' ) );
 		add_action( 'wp_loaded',    array( $this, 'wp_loaded' ) );
 
@@ -52,16 +54,54 @@ final class WP_Customize_Manager {
 		add_action( 'customize_controls_enqueue_scripts', array( $this, 'enqueue_control_scripts' ) );
 	}
 
-	/**
-	 * Start preview and customize theme.
+ 	/**
+	 * Return true if it's an AJAX request.
 	 *
-	 * Check if customize query variable exist. Init filters to filter the current theme.
+	 * @since 3.4.0
+	 */
+	public function doing_ajax() {
+		return isset( $_POST['customized'] ) || ( defined( 'DOING_AJAX' ) && DOING_AJAX );
+	}
+
+	/**
+	 * Custom wp_die wrapper. Returns either the standard message for UI
+	 * or the AJAX message.
+	 *
+	 * @param  mixed $ajax_message AJAX return
+	 * @param  mixed $message      UI message
+	 *
+	 * @since 3.4.0
+	 */
+	private function wp_die( $ajax_message, $message ) {
+		if ( $this->doing_ajax() )
+			wp_die( $ajax_message );
+
+		wp_die( $message );
+	}
+
+	/**
+	 * Return the AJAX wp_die() handler if it's a customized request.
+	 *
+	 * @since 3.4.0
+	 */
+	public function wp_die_handler() {
+		if ( $this->doing_ajax() )
+			return '_ajax_wp_die_handler';
+
+		return '_default_wp_die_handler';
+	}
+	/**
+	* Start preview and customize theme.
+	*
+	* Check if customize query variable exist. Init filters to filter the current theme.
 	 *
 	 * @since 3.4.0
 	 */
 	public function setup_theme() {
-		if ( is_admin() && ! defined( 'DOING_AJAX' ) )
-			auth_redirect();
+		if ( is_admin() && ! $this->doing_ajax() )
+		    auth_redirect();
+		elseif ( $this->doing_ajax() && ! is_user_logged_in())
+		    wp_die( 0 );
 
 		send_origin_headers();
 
@@ -71,13 +111,13 @@ final class WP_Customize_Manager {
 
 		// You can't preview a theme if it doesn't exist, or if it is not allowed (unless active).
 		if ( ! $this->theme->exists() )
-			wp_die( __( 'Cheatin’ uh?' ) );
+			$this->wp_die( -1, __( 'Cheatin’ uh?' ) );
 
 		if ( $this->theme->get_stylesheet() != get_stylesheet() && ( ! $this->theme()->is_allowed() || ! current_user_can( 'switch_themes' ) ) )
-			wp_die( __( 'Cheatin’ uh?' ) );
+			$this->wp_die( -1, __( 'Cheatin’ uh?' ) );
 
 		if ( ! current_user_can( 'edit_theme_options' ) )
-			wp_die( __( 'Cheatin’ uh?' ) );
+			$this->wp_die( -1, __( 'Cheatin’ uh?' ) );
 
 		$this->start_previewing_theme();
 		show_admin_bar( false );
@@ -949,4 +989,4 @@ function maybe_hash_hex_color( $color ) {
 		return '#' . $unhashed;
 
 	return $color;
-}
+}

wp-includes/script-loader.php

@@ -305,6 +305,7 @@ function wp_default_scripts( &$scripts ) {
 		'saved'     => __( 'Saved' ),
 		'cancel'    => __( 'Cancel' ),
 		'close'     => __( 'Close' ),
+		'cheatin'   => __( 'Cheatin’ uh?' ),
 	) );
 
 	if ( is_admin() ) {