Ticket #19797: 19797.diff
| File 19797.diff, 2.0 KB (added by ryan, 18 months ago) |
|---|
-
wp-pass.php
7 7 */ 8 8 9 9 /** Make sure that the WordPress bootstrap has run before continuing. */ 10 require( dirname( __FILE__) . '/wp-load.php');10 require( dirname( __FILE__ ) . '/wp-load.php'); 11 11 12 if ( empty( $wp_hasher ) ) { 13 require_once( ABSPATH . 'wp-includes/class-phpass.php'); 14 // By default, use the portable hash from phpass 15 $wp_hasher = new PasswordHash(8, true); 16 } 17 12 18 // 10 days 13 setcookie( 'wp-postpass_' . COOKIEHASH, stripslashes( $_POST['post_password'] ), time() + 864000, COOKIEPATH);19 setcookie( 'wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword( stripslashes( $_POST['post_password'] ) ), time() + 864000, COOKIEPATH ); 14 20 15 wp_safe_redirect( wp_get_referer());21 wp_safe_redirect( wp_get_referer() ); 16 22 exit; -
wp-includes/post-template.php
558 558 * @return bool false if a password is not required or the correct password cookie is present, true otherwise. 559 559 */ 560 560 function post_password_required( $post = null ) { 561 global $wp_hasher; 562 561 563 $post = get_post($post); 562 564 563 if ( empty( $post->post_password) )565 if ( empty( $post->post_password ) ) 564 566 return false; 565 567 566 if ( ! isset($_COOKIE['wp-postpass_' . COOKIEHASH]) )568 if ( ! isset( $_COOKIE['wp-postpass_' . COOKIEHASH] ) ) 567 569 return true; 568 570 569 if ( stripslashes( $_COOKIE['wp-postpass_' . COOKIEHASH] ) != $post->post_password ) 570 return true; 571 if ( empty( $wp_hasher ) ) { 572 require_once( ABSPATH . 'wp-includes/class-phpass.php'); 573 // By default, use the portable hash from phpass 574 $wp_hasher = new PasswordHash(8, true); 575 } 571 576 572 return false; 577 $hash = stripslashes( $_COOKIE[ 'wp-postpass_' . COOKIEHASH ] ); 578 579 return ! $wp_hasher->CheckPassword( $post->post_password, $hash ); 573 580 } 574 581 575 582 /**
