plugin development – (BAD REQUEST) 400 admin-ajax.php WordPress error

I updated my WordPress to the current version since it was very outdated. And now I am getting wrong request search problem now. /wp-admin/admin-ajax.php:1 Failed to load resource: Server responded with popup status of 400 (Bad Request). This only happens when the user is not logged in as administrator.

I checked the plugins and no problem there
I changed / checked themes and the problem is within the theme code.

I isolated the code snippets below … hope someone can see where the error is.

If the code needs to be edited, can you write it so I can copy and paste it and tell me where?
Many thanks!

Here are the 3 files below (including admin-ajax) that are in conflict with admin-ajax.php

Functions of the function functions.php

{
#load style sheet
wp_enqueue_style (& # 39; holistic_-style & # 39 ;, get_template_directory_uri (). & # 39; / style.css & # 39 ;, array (), & # 39; & # 39;);
wp_enqueue_style (& # 39; holistic_bootstrap & # 39 ;, & # 39; https: //maxcdn.bootstrapcdn.com/bootstrap/3.3.7/css/bootstrap.min.css', array (), & # 39; & # 39;);

wp_enqueue_script('holistic_bootstrap-js', 'https://maxcdn.bootstrapcdn.com/bootstrap/3.3.7/js/bootstrap.min.js',array(),true);
wp_enqueue_script('holistic_autocomplete', get_template_directory_uri().'/js/autocomplete.js',array('jquery'),true);
wp_localize_script( 'holistic_autocomplete', 'holistic_ajax', array( 'ajaxurl' => admin_url( 'admin-ajax.php' )));
wp_enqueue_script('holistic_jqueryui', 'https://code.jquery.com/ui/1.12.1/jquery-ui.js',array('jquery'),true);

}

js / autocomplete.js

jQuery (document) .ready (function ($) {

    $.ajax({
        url: holistic_ajax.ajaxurl,
        type: 'POST',
        data:{
            action: 'check_login_status'
        },
        //dataType: 'json',
        success: function (data) {
          if(data == 'y'){
             $('.memberlogin').css('display','none');
             $('.memberlogout').css('display','block');
          }else{
             $('.memberlogout').css('display','none');
             $('.memberlogin').css('display','block');
          }
        },
        error: function (xmlHttpRequest, statusText, errThrown) {
            alert(errThrown);
        }
    });
/*remove tick mark*/
$('.table-body .table-row').each(function(){
    if($.trim($(this).text()) === ''){
        $(this).addClass('hide_before');
    }
});


var categories;
var locations;
/*categories*/
 $('#srchkey').on('focus',function(){
      $.ajax({
        url: holistic_ajax.ajaxurl,
        type: 'POST',
        data:{
            action: 'get_holistic_cat'
        },
        dataType: 'json',
        success: function (data) {

           categories = data;
           $('#srchkey').autocomplete({
                source: categories
            });
        },
        error: function (xmlHttpRequest, statusText, errThrown) {
            alert(errThrown);
        }
    });

 });
 /*load locations*/
  $('#location').on('focus',function(){
      $.ajax({
        url: holistic_ajax.ajaxurl,
        type: 'POST',
        data:{
            action: 'get_holistic_locations'
        },
        dataType: 'json',
        success: function (data) {

           locations = data;
           $('#location').autocomplete({
                source: locations
            });
        },
        error: function (xmlHttpRequest, statusText, errThrown) {
            alert(errThrown);
        }
    });

 });

});

admin-ajax.php

define (& # 39; DOING_AJAX & # 39 ;, true);
if (! define (& # 39; WP_ADMIN & # 39;)) {
define (& # 39; WP_ADMIN & # 39 ;, true);
}

/ ** Load WordPress Bootstrap * /
require_once (dirname (dirname ( ARCHIVE )). & # 39; /wp-load.php');

/ ** Allow requests between domains (from the front-end). * /
send_origin_headers ();

header (& # 39; Content-Type: text / html; charset = & # 39 ;. get_option (& # 39; blog_charset & # 39;));
header (& # 39; X-Robots-Tag: noindex & # 39;);

// Requires an action parameter
if (empty ($ _REQUEST (& # 39; action & # 39;))) {
wp_die (& # 39; 0 & # 39 ;, 400);
}

/ ** Load WordPress administration API * /
require_once (ABSPATH. & # 39; wp-admin / includes / admin.php & # 39;);

/ ** Load Ajax drivers for WordPress Core * /
require_once (ABSPATH. & # 39; wp-admin / includes / ajax-actions.php & # 39;);

send_nosniff_header ();
nocache_headers ();

/ ** This action is documented in wp-admin / admin.php * /
do_action (& # 39; admin_init & # 39;);

$ core_actions_get = array (
& # 39; fetch-list & # 39 ;,
& # 39; ajax-tag-search & # 39 ;,
& # 39; compression test wp & # 39 ;,
& # 39; imgedit-preview & # 39 ;,
& # 39; oembed-cache & # 39 ;,
& # 39; auto-complete-user & # 39 ;,
& # 39; dashboard-widgets & # 39 ;,
& # 39; connected & # 39 ;,
& # 39; rest-nonce & # 39 ;,
);

$ core_actions_post = array (
& # 39; oembed-cache & # 39 ;,
& # 39; image editor & # 39 ;,
& # 39; Delete comment & # 39 ;,
& # 39; delete-tag & # 39 ;,
& # 39; delete link & # 39 ;,
& # 39; delete-meta & # 39 ;,
& # 39; Delete message & # 39 ;,
& # 39; trash-post & # 39 ;,
& # 39; untrash-post & # 39 ;,
& # 39; delete page & # 39 ;,
& # 39; dim-comment & # 39 ;,
& # 39; add-link-category & # 39 ;,
& # 39; add tag & # 39 ;,
& # 39; get-tagcloud & # 39 ;,
& # 39; get feedback & # 39 ;,
& # 39; reply to the comment & # 39 ;,
& # 39; Edit comment & # 39 ;,
& # 39; add-menu-item & # 39 ;,
& # 39; add-meta & # 39 ;,
& # 39; add user & # 39 ;,
& # 39; closed mailboxes & # 39 ;,
& # 39; hidden columns & # 39 ;,
& # 39; update-welcome-panel & # 39 ;,
& # 39; menu-get-metabox & # 39 ;,
& # 39; wp-link-ajax & # 39 ;,
& # 39; save-locations-menu & # 39 ;,
& # 39; menu-quick-search & # 39 ;,
& # 39; meta-box-order & # 39 ;,
& # 39; get-permalink & # 39 ;,
& # 39; sample-permalink & # 39 ;,
& # 39; save online & # 39 ;,
& # 39; inline-save-tax & # 39 ;,
& # 39; find_posts & # 39 ;,
& # 39; widgets-order & # 39 ;,
& # 39; save-widget & # 39 ;,
& # 39; delete-inactive-widgets & # 39 ;,
& # 39; set-post-thumbnail & # 39 ;,
& # 39; date format & # 39 ;,
& # 39; time format & # 39 ;,
& # 39; wp-remove-post-lock & # 39 ;,
& # 39; fire-pointer-wp & # 39 ;,
& # 39; upload-attach & # 39 ;,
& # 39; get-attach & # 39 ;,
& # 39; query-attachments & # 39 ;,
& # 39; save-attachment & # 39 ;,
& # 39; save-attach-compat & # 39 ;,
& # 39; send-link-to-editor & # 39 ;,
& # 39; send-attachment to editor & # 39 ;,
& # 39; save-order-attachment & # 39 ;,
& # 39; media-create-image-subsizes & # 39 ;,
& # 39; heartbeat & # 39 ;,
& # 39; get-revision-diffs & # 39 ;,
& # 39; save-user-color-scheme & # 39 ;,
& # 39; update-widget & # 39 ;,
& # 39; query-themes & # 39 ;,
& # 39; parse-embed & # 39 ;,
& # 39; set-attach-thumbnail & # 39 ;,
& # 39; parse-media-shortcode & # 39 ;,
& # 39; destroy-sessions & # 39 ;,
& # 39; install plugin & # 39 ;,
& # 39; update-plugin & # 39 ;,
& # 39; delimit image & # 39 ;,
& # 39; generate password & # 39 ;,
& # 39; save-wporg-username & # 39 ;,
& # 39; delete-plugin & # 39 ;,
& # 39; search plugins & # 39 ;,
& # 39; search-install-plugins & # 39 ;,
& # 39; active-plugin & # 39 ;,
& # 39; update-theme & # 39 ;,
& # 39; delete-theme & # 39 ;,
& # 39; Install the theme & # 39 ;,
& # 39; get-post-thumbnail-html & # 39 ;,
& # 39; get-community-events & # 39 ;,
& # 39; edit-theme-plugin-file & # 39 ;,
& # 39; wp-privacy-export-personal-data & # 39 ;,
& # 39; wp-privacy-erase-personal-data & # 39 ;,
& # 39; health-check-site-status-result & # 39 ;,
& # 39; health-check-dotorg-communication & # 39 ;,
& # 39; health-check-is-in-debug-mode & # 39 ;,
& # 39; health-check-background-updates & # 39 ;,
& # 39; health-check-loopback-request & # 39 ;,
& # 39; health-check-get-size & # 39 ;,
);

// Obsolete
$ core_actions_post_deprecated = array (& # 39; wp-fullscreen-save-post & # 39 ;, & # 39; press-this-save-post & # 39 ;, & # 39; press-this-add-category & # 39;) ;
$ core_actions_post = array_merge ($ core_actions_post, $ core_actions_post_deprecated);

// Record the main Ajax calls.
if (! empty ($ _GET (& # 39; action & # 39;)) && in_array ($ _GET (& # 39; action & # 39;), $ core_actions_get)) {
add_action (& # 39; wp_ajax _ & # 39;. $ _GET (& # 39; action & # 39;), & # 39; wp_ajax _ & # 39 ;. str_replace (& # 39; – & # 39 ;, & # 39; _ & # 39 ;, $ _GET (& # 39; action & # 39;)), 1);
}

if (! empty ($ _POST (& # 39; action & # 39;)) && in_array ($ _POST (& # 39; action & # 39;), $ core_actions_post)) {
add_action (& # 39; wp_ajax _ & # 39;. $ _POST (& # 39; action & # 39;), & # 39; wp_ajax _ & # 39 ;. str_replace (& # 39; – & # 39 ;, & # 39; _ & # 39 ;, $ _POST (& # 39; action & # 39;)), 1);
}

add_action (& # 39; wp_ajax_nopriv_heartbeat & # 39 ;, & # 39; wp_ajax_nopriv_heartbeat & # 39 ;, 1);

$ action = (isset ($ _REQUEST (& # 39; action & # 39;)))? $ _REQUEST (& # 39; action & # 39;): & # 39; & # 39 ;;

if (is_user_logged_in ()) {
// If no action is logged, return an incorrect request response.
if (! has_action ("wp_ajax _ {$ action}")) {
wp_die (& # 39; 0 & # 39 ;, 400);
}