WordPress Version: 6.3
/**
* Handles deleting a theme via AJAX.
*
* @since 4.6.0
*
* @see delete_theme()
*
* @global WP_Filesystem_Base $wp_filesystem WordPress filesystem subclass.
*/
function wp_ajax_delete_theme()
{
check_ajax_referer('updates');
if (empty($_POST['slug'])) {
wp_send_json_error(array('slug' => '', 'errorCode' => 'no_theme_specified', 'errorMessage' => __('No theme specified.')));
}
$stylesheet = preg_replace('/[^A-z0-9_\-]/', '', wp_unslash($_POST['slug']));
$status = array('delete' => 'theme', 'slug' => $stylesheet);
if (!current_user_can('delete_themes')) {
$status['errorMessage'] = __('Sorry, you are not allowed to delete themes on this site.');
wp_send_json_error($status);
}
if (!wp_get_theme($stylesheet)->exists()) {
$status['errorMessage'] = __('The requested theme does not exist.');
wp_send_json_error($status);
}
// Check filesystem credentials. `delete_theme()` will bail otherwise.
$url = wp_nonce_url('themes.php?action=delete&stylesheet=' . urlencode($stylesheet), 'delete-theme_' . $stylesheet);
ob_start();
$credentials = request_filesystem_credentials($url);
ob_end_clean();
if (false === $credentials || !WP_Filesystem($credentials)) {
global $wp_filesystem;
$status['errorCode'] = 'unable_to_connect_to_filesystem';
$status['errorMessage'] = __('Unable to connect to the filesystem. Please confirm your credentials.');
// Pass through the error from WP_Filesystem if one was raised.
if ($wp_filesystem instanceof WP_Filesystem_Base && is_wp_error($wp_filesystem->errors) && $wp_filesystem->errors->has_errors()) {
$status['errorMessage'] = esc_html($wp_filesystem->errors->get_error_message());
}
wp_send_json_error($status);
}
require_once ABSPATH . 'wp-admin/includes/theme.php';
$result = delete_theme($stylesheet);
if (is_wp_error($result)) {
$status['errorMessage'] = $result->get_error_message();
wp_send_json_error($status);
} elseif (false === $result) {
$status['errorMessage'] = __('Theme could not be deleted.');
wp_send_json_error($status);
}
wp_send_json_success($status);
}