WordPress.org

Make WordPress Core

Ticket #16483: 16483.2.diff

File 16483.2.diff, 2.9 KB (added by garyc40, 7 years ago)

modified solarissmoke's patch a bit: no notice when not called inside a loop

  • wp-includes/post-template.php

    diff --git wp-includes/post-template.php wp-includes/post-template.php
    index bf4671b..7143998 100644
    function post_password_required( $post = null ) { 
    553553
    554554        if ( empty($post->post_password) )
    555555                return false;
     556               
     557        $name = "wp-postpass_{$post->ID}" . COOKIEHASH;
    556558
    557         if ( !isset($_COOKIE['wp-postpass_' . COOKIEHASH]) )
    558                 return true;
    559 
    560         if ( $_COOKIE['wp-postpass_' . COOKIEHASH] != $post->post_password )
     559        if ( !isset($_COOKIE[$name]) || $_COOKIE[$name] != $post->post_password )
    561560                return true;
    562561
    563562        return false;
    function prepend_attachment($content) { 
    12041203 * @since 1.0.0
    12051204 * @uses apply_filters() Calls 'the_password_form' filter on output.
    12061205 *
     1206 * @param int ID of the post. Optional, fall back to the current post in the loop.
    12071207 * @return string HTML content for password form for password protected post.
    12081208 */
    1209 function get_the_password_form() {
    1210         global $post;
    1211         $label = 'pwbox-'.(empty($post->ID) ? rand() : $post->ID);
     1209function get_the_password_form( $id = null ) {
     1210        if ( ! $id ) {
     1211                global $post;
     1212                $id = empty( $post->ID ) ? rand() : $post->ID;
     1213        }
     1214       
     1215        $label = 'pwbox-' . $id;
    12121216        $output = '<form action="' . get_option('siteurl') . '/wp-pass.php" method="post">
    12131217        <p>' . __("This post is password protected. To view it please enter your password below:") . '</p>
    1214         <p><label for="' . $label . '">' . __("Password:") . ' <input name="post_password" id="' . $label . '" type="password" size="20" /></label> <input type="submit" name="Submit" value="' . esc_attr__("Submit") . '" /></p>
     1218        <p><label for="' . $label . '">' . __("Password:") . ' <input name="post_password" id="' . $label . '" type="password" size="20" /></label> <input type="submit" name="Submit" value="' . esc_attr__("Submit") . '" />
     1219        <input type="hidden" name="id" value="' . $id . '" /></p>
    12151220        </form>
    12161221        ';
    12171222        return apply_filters('the_password_form', $output);
  • wp-includes/theme-compat/comments-popup.php

    diff --git wp-includes/theme-compat/comments-popup.php wp-includes/theme-compat/comments-popup.php
    index 12ad736..555c989 100644
    extract($commenter); 
    4545$comments = get_approved_comments($id);
    4646$post = get_post($id);
    4747if ( post_password_required($post) ) {  // and it doesn't match the cookie
    48         echo(get_the_password_form());
     48        echo(get_the_password_form( $id ));
    4949} else { ?>
    5050
    5151<?php if ($comments) { ?>
  • wp-pass.php

    diff --git wp-pass.php wp-pass.php
    index c0c0c42..80c70d4 100644
    if ( get_magic_quotes_gpc() ) 
    1313        $_POST['post_password'] = stripslashes($_POST['post_password']);
    1414
    1515// 10 days
    16 setcookie('wp-postpass_' . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH);
     16setcookie('wp-postpass_' . $_POST['id'] . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH);
    1717
    1818wp_safe_redirect(wp_get_referer());
    1919exit;