Index: wp-pass.php =================================================================== --- wp-pass.php (revision 17420) +++ wp-pass.php (working copy) @@ -11,9 +11,11 @@ if ( get_magic_quotes_gpc() ) $_POST['post_password'] = stripslashes($_POST['post_password']); + +$postid = (int) $_POST['post_ID']; // 10 days -setcookie('wp-postpass_' . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH); +setcookie("wp-postpass_{$postid}_" . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH); wp_safe_redirect(wp_get_referer()); exit; Index: wp-includes/post-template.php =================================================================== --- wp-includes/post-template.php (revision 17420) +++ wp-includes/post-template.php (working copy) @@ -554,10 +554,10 @@ if ( empty($post->post_password) ) return false; - if ( !isset($_COOKIE['wp-postpass_' . COOKIEHASH]) ) + if ( !isset($_COOKIE["wp-postpass_{$post->ID}_" . COOKIEHASH]) ) return true; - if ( $_COOKIE['wp-postpass_' . COOKIEHASH] != $post->post_password ) + if ( $_COOKIE["wp-postpass_{$post->ID}_" . COOKIEHASH] != $post->post_password ) return true; return false; @@ -1204,16 +1204,18 @@ * @since 1.0.0 * @uses apply_filters() Calls 'the_password_form' filter on output. * + * @param int|object $post An optional post. Global $post used if not provided. * @return string HTML content for password form for password protected post. */ -function get_the_password_form() { - global $post; - $label = 'pwbox-'.(empty($post->ID) ? rand() : $post->ID); - $output = '
-

' . __("This post is password protected. To view it please enter your password below:") . '

-

-
- '; +function get_the_password_form( $post = null ) { + $post = get_post( $post ); + + $label = 'pwbox-' . $post->ID; + $output = '
'; + $output .= '

' . __('This post is password protected. To view it please enter your password below:') . '

'; + $output .= "

"; + $output .= '
'; + return apply_filters('the_password_form', $output); }