WordPress.org

Make WordPress Core

Ticket #16483: 16483.7.diff

File 16483.7.diff, 3.6 KB (added by voldemortensen, 3 years ago)
  • Gruntfile.js

     
    1010
    1111        // Load tasks.
    1212        require('matchdep').filterDev(['grunt-*', '!grunt-legacy-util']).forEach( grunt.loadNpmTasks );
     13        grunt.loadNpmTasks('grunt-patch-wordpress');
    1314        // Load legacy utils
    1415        grunt.util = require('grunt-legacy-util');
    1516
  • package.json

     
    2525    "grunt-includes": "~0.5.1",
    2626    "grunt-jsvalidate": "~0.2.2",
    2727    "grunt-legacy-util": "^0.2.0",
    28     "grunt-patch-wordpress": "~0.4.2",
     28    "grunt-patch-wordpress": "^0.4.2",
    2929    "grunt-postcss": "~0.7.1",
    3030    "grunt-rtlcss": "~2.0.1",
    3131    "grunt-sass": "~1.1.0",
  • src/wp-includes/post-template.php

     
    788788                return apply_filters( 'post_password_required', false, $post );
    789789        }
    790790
    791         if ( ! isset( $_COOKIE[ 'wp-postpass_' . COOKIEHASH ] ) ) {
     791        $cookie = "wp-postpass_{$post->ID}_" . COOKIEHASH;
     792
     793        /**
     794         * Filters the name of the cookie checked for password protected posts.
     795         *
     796         * @since 4.7.0
     797         *
     798         * @param string $cookie Default cookie name.
     799         */
     800        $cookie = apply_filters( 'post_password_cookie', $cookie );
     801
     802        if ( ! isset( $_COOKIE[$cookie] ) ) {
    792803                /** This filter is documented in wp-includes/post.php */
    793804                return apply_filters( 'post_password_required', true, $post );
    794805        }
    795806
    796807        $hasher = new PasswordHash( 8, true );
    797808
    798         $hash = wp_unslash( $_COOKIE[ 'wp-postpass_' . COOKIEHASH ] );
     809        $hash = wp_unslash( $_COOKIE[$cookie] );
     810
    799811        if ( 0 !== strpos( $hash, '$P$B' ) ) {
    800812                $required = true;
    801813        } else {
     
    15961608 */
    15971609function get_the_password_form( $post = 0 ) {
    15981610        $post = get_post( $post );
    1599         $label = 'pwbox-' . ( empty($post->ID) ? rand() : $post->ID );
     1611        $post_id = empty( $post->ID ) ? rand() : $post->ID;
     1612        $label = 'pwbox-' . $post_id;
    16001613        $output = '<form action="' . esc_url( site_url( 'wp-login.php?action=postpass', 'login_post' ) ) . '" class="post-password-form" method="post">
    16011614        <p>' . __( 'This content is password protected. To view it please enter your password below:' ) . '</p>
    1602         <p><label for="' . $label . '">' . __( 'Password:' ) . ' <input name="post_password" id="' . $label . '" type="password" size="20" /></label> <input type="submit" name="Submit" value="' . esc_attr_x( 'Enter', 'post password form' ) . '" /></p></form>
     1615        <p><label for="' . $label . '">' . __( 'Password:' ) . ' <input name="post_password" id="' . $label . '" type="password" size="20" /></label> <input type="hidden" name="post_id" value="' . $post_id . '" /> <input type="submit" name="Submit" value="' . esc_attr_x( 'Enter', 'post password form' ) . '" /></p></form>
    16031616        ';
    16041617
    16051618        /**
  • src/wp-login.php

     
    454454        } else {
    455455                $secure = false;
    456456        }
    457         setcookie( 'wp-postpass_' . COOKIEHASH, $hasher->HashPassword( wp_unslash( $_POST['post_password'] ) ), $expire, COOKIEPATH, COOKIE_DOMAIN, $secure );
     457       
     458        /** This filter is documented in wp-includes/post-template.php */
     459        $cookie = apply_filters( 'post_password_cookie', "wp-postpass_{$_POST['post_id']}_" . COOKIEHASH );
     460        setcookie( $cookie, $hasher->HashPassword( wp_unslash( $_POST['post_password'] ) ), $expire, COOKIEPATH, COOKIE_DOMAIN, $secure );
    458461
    459462        wp_safe_redirect( wp_get_referer() );
    460463        exit();