Hi my client need to add password protect page in wordpress. So i make the visibility of page as password protect and it is working correctly. But client is giving a series of password .He is given password 2314 to 2335 .So the password is any number in between 2314 to 2335 .Now what i do? Is there any method or call to solve this? Any hook is there ?
Hi my client need to add password protect page in wordpress. So i make the visibility of page as password protect and it is working correctly. But client is giving a series of password .He is given password 2314 to 2335 .So the password is any number in between 2314 to 2335 .Now what i do? Is there any method or call to solve this? Any hook is there ?
Share Improve this question edited Oct 28, 2015 at 11:15 fuxia♦ 107k39 gold badges255 silver badges461 bronze badges asked Oct 28, 2015 at 10:32 ron rron r 3331 gold badge5 silver badges13 bronze badges 02 Answers
Reset to default 9Here's just a demo test for fun, just to see if this might be possible:
Demo
First we set the post's password, the usual way:
Then we create a custom field called wpse_extra_passwords that takes comma seperated passwords:
These are the extra passwords for that post.
Let's define the following helper function, based on the post_password_required() core function:
/**
* Helper function, check password + extra passwords
*/
function wpse_post_password_required( $post = null )
{
$post = get_post($post);
if ( empty( $post->post_password ) )
return false;
if ( ! isset( $_COOKIE['wp-postpass_' . COOKIEHASH] ) )
return true;
require_once ABSPATH . WPINC . '/class-phpass.php';
$hasher = new PasswordHash( 8, true );
$hash = wp_unslash( $_COOKIE[ 'wp-postpass_' . COOKIEHASH ] );
if ( 0 !== strpos( $hash, '$P$B' ) )
return true;
// Check the current password
if( $hasher->CheckPassword( $post->post_password, $hash ) )
return false;
// Fetch extra passwords
if( ! $extra_passwords = get_post_meta( $post->ID, 'wpse_extra_passwords', true ) )
return true;
// Check these extra passwords
$extra = explode( ',', $extra_passwords );
foreach( (array) $extra as $password )
{
$password = trim( $password );
if( ! empty( $password ) && $hasher->CheckPassword( $password, $hash ) )
return false;
}
return true;
}
Then we hook into the the_password_form filter and target the single post object in the main loop:
/**
* Support extra post passwords for single posts in the main loop
*/
add_filter( 'the_password_form', function( $output )
{
if( ! is_single() || ! in_the_loop() || did_action( 'the_password_form' ) )
return $output;
$post = get_post();
// Display password form if none of the passwords matches:
if( wpse_post_password_required( $post ) )
return $output;
// Get the current password
$password = $post->post_password;
// Temporary remove it
$post->post_password = '';
// Fetch the content
$content = get_the_content();
// Set the password back
$post->post_password = $password;
return $content;
} );
Hopefully you can test it and play with it further.
Notes
You mentioned passwords like 2314. It's very easy to write a program that can guess simple passwords like that. So I used a little bit stronger passwords in this demo.
You could also use a plugin for that: https://wordpress/plugins/multiple-post-passwords/
And yes, having a series of numbers as passwords is a bad idea ;)