function ajax_base_page_theme

Theme callback: Returns the correct theme for an Ajax request.

Many different pages can invoke an Ajax request to system/ajax or another generic Ajax path. It is almost always desired for an Ajax response to be rendered using the same theme as the base page, because most themes are built with the assumption that they control the entire page, so if the CSS for two themes are both loaded for a given page, they may conflict with each other. For example, Bartik is Drupal's default theme, and Seven is Drupal's default administration theme. Depending on whether the "Use the administration theme when editing or creating content" checkbox is checked, the node edit form may be displayed in either theme, but the Ajax response to the Field module's "Add another item" button should be rendered using the same theme as the rest of the page. Therefore, system_menu() sets the 'theme callback' for 'system/ajax' to this function, and it is recommended that modules implementing other generic Ajax paths do the same.

See also

system_menu()

file_menu()

Related topics

7 string references to 'ajax_base_page_theme'
ajax_test_menu in drupal/core/modules/system/tests/modules/ajax_test/ajax_test.module
Implements hook_menu().
contextual_menu in drupal/core/modules/contextual/contextual.module
Implements hook_menu().
editor_menu in drupal/core/modules/editor/editor.module
Implements hook_menu().
edit_menu in drupal/core/modules/edit/edit.module
Implements hook_menu().
file_menu in drupal/core/modules/file/file.module
Implements hook_menu().

... See full list

File

drupal/core/includes/ajax.inc, line 406
Functions for use with Drupal's Ajax framework.

Code

function ajax_base_page_theme() {
  if (!empty($_POST['ajax_page_state']['theme']) && !empty($_POST['ajax_page_state']['theme_token'])) {
    $theme = $_POST['ajax_page_state']['theme'];
    $token = $_POST['ajax_page_state']['theme_token'];

    // Prevent a request forgery from giving a person access to a theme they
    // shouldn't be otherwise allowed to see. However, since everyone is allowed
    // to see the default theme, token validation isn't required for that, and
    // bypassing it allows most use-cases to work even when accessed from the
    // page cache.
    if ($theme === config('system.theme')
      ->get('default') || drupal_valid_token($token, $theme)) {
      return $theme;
    }
  }
}