diff --git wp-includes/post-template.php wp-includes/post-template.php
index bf4671b..7143998 100644
|
|
function post_password_required( $post = null ) { |
553 | 553 | |
554 | 554 | if ( empty($post->post_password) ) |
555 | 555 | return false; |
| 556 | |
| 557 | $name = "wp-postpass_{$post->ID}" . COOKIEHASH; |
556 | 558 | |
557 | | if ( !isset($_COOKIE['wp-postpass_' . COOKIEHASH]) ) |
558 | | return true; |
559 | | |
560 | | if ( $_COOKIE['wp-postpass_' . COOKIEHASH] != $post->post_password ) |
| 559 | if ( !isset($_COOKIE[$name]) || $_COOKIE[$name] != $post->post_password ) |
561 | 560 | return true; |
562 | 561 | |
563 | 562 | return false; |
… |
… |
function prepend_attachment($content) { |
1204 | 1203 | * @since 1.0.0 |
1205 | 1204 | * @uses apply_filters() Calls 'the_password_form' filter on output. |
1206 | 1205 | * |
| 1206 | * @param int ID of the post. Optional, fall back to the current post in the loop. |
1207 | 1207 | * @return string HTML content for password form for password protected post. |
1208 | 1208 | */ |
1209 | | function get_the_password_form() { |
1210 | | global $post; |
1211 | | $label = 'pwbox-'.(empty($post->ID) ? rand() : $post->ID); |
| 1209 | function get_the_password_form( $id = null ) { |
| 1210 | if ( ! $id ) { |
| 1211 | global $post; |
| 1212 | $id = empty( $post->ID ) ? rand() : $post->ID; |
| 1213 | } |
| 1214 | |
| 1215 | $label = 'pwbox-' . $id; |
1212 | 1216 | $output = '<form action="' . get_option('siteurl') . '/wp-pass.php" method="post"> |
1213 | 1217 | <p>' . __("This post is password protected. To view it please enter your password below:") . '</p> |
1214 | | <p><label for="' . $label . '">' . __("Password:") . ' <input name="post_password" id="' . $label . '" type="password" size="20" /></label> <input type="submit" name="Submit" value="' . esc_attr__("Submit") . '" /></p> |
| 1218 | <p><label for="' . $label . '">' . __("Password:") . ' <input name="post_password" id="' . $label . '" type="password" size="20" /></label> <input type="submit" name="Submit" value="' . esc_attr__("Submit") . '" /> |
| 1219 | <input type="hidden" name="id" value="' . $id . '" /></p> |
1215 | 1220 | </form> |
1216 | 1221 | '; |
1217 | 1222 | return apply_filters('the_password_form', $output); |
diff --git wp-includes/theme-compat/comments-popup.php wp-includes/theme-compat/comments-popup.php
index 12ad736..555c989 100644
|
|
extract($commenter); |
45 | 45 | $comments = get_approved_comments($id); |
46 | 46 | $post = get_post($id); |
47 | 47 | if ( post_password_required($post) ) { // and it doesn't match the cookie |
48 | | echo(get_the_password_form()); |
| 48 | echo(get_the_password_form( $id )); |
49 | 49 | } else { ?> |
50 | 50 | |
51 | 51 | <?php if ($comments) { ?> |
diff --git wp-pass.php wp-pass.php
index c0c0c42..80c70d4 100644
|
|
if ( get_magic_quotes_gpc() ) |
13 | 13 | $_POST['post_password'] = stripslashes($_POST['post_password']); |
14 | 14 | |
15 | 15 | // 10 days |
16 | | setcookie('wp-postpass_' . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH); |
| 16 | setcookie('wp-postpass_' . $_POST['id'] . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH); |
17 | 17 | |
18 | 18 | wp_safe_redirect(wp_get_referer()); |
19 | 19 | exit; |