WordPress.org

Make WordPress Core

Ticket #16483: 16483.2.diff

File 16483.2.diff, 2.9 KB (added by garyc40, 4 years ago)

modified solarissmoke's patch a bit: no notice when not called inside a loop

  • wp-includes/post-template.php

    diff --git wp-includes/post-template.php wp-includes/post-template.php
    index bf4671b..7143998 100644
    function post_password_required( $post = null ) { 
    553553 
    554554        if ( empty($post->post_password) ) 
    555555                return false; 
     556                 
     557        $name = "wp-postpass_{$post->ID}" . COOKIEHASH; 
    556558 
    557         if ( !isset($_COOKIE['wp-postpass_' . COOKIEHASH]) ) 
    558                 return true; 
    559  
    560         if ( $_COOKIE['wp-postpass_' . COOKIEHASH] != $post->post_password ) 
     559        if ( !isset($_COOKIE[$name]) || $_COOKIE[$name] != $post->post_password ) 
    561560                return true; 
    562561 
    563562        return false; 
    function prepend_attachment($content) { 
    12041203 * @since 1.0.0 
    12051204 * @uses apply_filters() Calls 'the_password_form' filter on output. 
    12061205 * 
     1206 * @param int ID of the post. Optional, fall back to the current post in the loop. 
    12071207 * @return string HTML content for password form for password protected post. 
    12081208 */ 
    1209 function get_the_password_form() { 
    1210         global $post; 
    1211         $label = 'pwbox-'.(empty($post->ID) ? rand() : $post->ID); 
     1209function get_the_password_form( $id = null ) { 
     1210        if ( ! $id ) { 
     1211                global $post; 
     1212                $id = empty( $post->ID ) ? rand() : $post->ID; 
     1213        } 
     1214         
     1215        $label = 'pwbox-' . $id; 
    12121216        $output = '<form action="' . get_option('siteurl') . '/wp-pass.php" method="post"> 
    12131217        <p>' . __("This post is password protected. To view it please enter your password below:") . '</p> 
    1214         <p><label for="' . $label . '">' . __("Password:") . ' <input name="post_password" id="' . $label . '" type="password" size="20" /></label> <input type="submit" name="Submit" value="' . esc_attr__("Submit") . '" /></p> 
     1218        <p><label for="' . $label . '">' . __("Password:") . ' <input name="post_password" id="' . $label . '" type="password" size="20" /></label> <input type="submit" name="Submit" value="' . esc_attr__("Submit") . '" /> 
     1219        <input type="hidden" name="id" value="' . $id . '" /></p> 
    12151220        </form> 
    12161221        '; 
    12171222        return apply_filters('the_password_form', $output); 
  • wp-includes/theme-compat/comments-popup.php

    diff --git wp-includes/theme-compat/comments-popup.php wp-includes/theme-compat/comments-popup.php
    index 12ad736..555c989 100644
    extract($commenter); 
    4545$comments = get_approved_comments($id); 
    4646$post = get_post($id); 
    4747if ( post_password_required($post) ) {  // and it doesn't match the cookie 
    48         echo(get_the_password_form()); 
     48        echo(get_the_password_form( $id )); 
    4949} else { ?> 
    5050 
    5151<?php if ($comments) { ?> 
  • wp-pass.php

    diff --git wp-pass.php wp-pass.php
    index c0c0c42..80c70d4 100644
    if ( get_magic_quotes_gpc() ) 
    1313        $_POST['post_password'] = stripslashes($_POST['post_password']); 
    1414 
    1515// 10 days 
    16 setcookie('wp-postpass_' . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH); 
     16setcookie('wp-postpass_' . $_POST['id'] . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH); 
    1717 
    1818wp_safe_redirect(wp_get_referer()); 
    1919exit;