WordPress.org

Ready to get started?Download WordPress

Forums

Display protected posts to logged in users (6 posts)

  1. ac1969
    Member
    Posted 3 years ago #

    Hi, I have a website which uses some password protected posts. My visitors (mostly family and friends) are able to view the posts, by using this password, without requiring a userid.
    I'm now migrating to user logins (through facebook connect plugin), and want to allow those logged in users to see the protected posts, without having to enter the password for this page. Googled for days, but could not find anything on this.
    Already tested several things by modifying the protected-post-personalizer plugin (great plugin btw.), but unsuccesful.
    For protected pages, I don't seem to be able to get the real content of the post (as I can see it in the database with phpMyAdmin) using the $post_content variable.
    Want to allow the display of the content for is_user_logged_in().
    Anyone already looked at doing something similar, and can provde some tips? Is there another way to retrieve the content, rather than through $post_content?

    function show_content_for_passworded( $input ){
     global $post;
    
        if ( empty($post->post_password) || is_user_logged_in() ) { // if there's no password or logged in user
                return $post_content; } else {
            if ( !isset($_COOKIE['wp-postpass_'.COOKIEHASH]) || $_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password ) {  // and it doesn't match the cookie

    Am I completely on the wrong track?

    Thanks,
    Arnaud

  2. Mark / t31os
    Moderator
    Posted 3 years ago #

    Your theme's template files may have conditional checks using post_password_required(), you should replace that condition with your own conditional code..

    Not sure that fixes the issue you're having entirely, but wanted to mention it incase it was something you overlooked..

  3. ac1969
    Member
    Posted 3 years ago #

    Hi Mark, thanks for your reply. I indeed found post_password_required() in my template (wp-includes/post-template.php).
    Modified it at several places to read the below, but still not the desired effect :-(

    // If post password required and it doesn't match the cookie.
    	if (!is_user_logged_in() ){
            if ( post_password_required($post)  ) {
    		$output = get_the_password_form();
    		return $output;
    	}
        }
  4. Mark / t31os
    Moderator
    Posted 3 years ago #

    Hi,
    The file you've mentioned is one of the core WordPress files, that's not actually what i was referring to.. (ideal not to modify core files where possible).

    I'm referring to your theme's template files, those that reside in wp-content/themes/your-theme/.

    Would it perhaps be easier to set the posts to private instead of password protected?

  5. ac1969
    Member
    Posted 3 years ago #

    I'll have to dig a little into this. I realized I was editing core files (and taking the risk to loose this again after the next upgrade), something I would prefer to avoid. Didn't see another option though...
    It seems however that the decision to replace content by the password request form is made in the core of WP. The theme only deals with how it is being presented, I noticed $content was replaced by the password form on protected posts. With the theme (or some plugin) you can just manipulate a little how the password required message and form look like.
    But, I'll continue searching.

    Using private posts is an alternative, but I would for the time being prefer to use protection as well. That way I can just share the password with some friends and family, without requiring them to use a userid and login (of course, this does have advantages for me, because it allows site-visits to be tracked much more detailed)

    I'm a little surprised not more people asked for this (or at least, I could not find it).

    Anyway, thanks for your support. I'll try to search further. When (if....) I find a solution I'll share it through this post.

  6. ac1969
    Member
    Posted 3 years ago #

    Although not the most pretty way to achieve what I wanted, I managed to find a "work-around". Inside the Facebook Connect plugin I'm now just setting the cookie after a succesful FB login

    setcookie('wp-postpass_' . COOKIEHASH, 'post_password', time() + 3600, COOKIEPATH);

    It does the trick what I was looking for.
    I now either provide the protected page password to visitors (without facebook), or my friends can login through facebook and are not bothered by a password request.
    The post remains closed for the general public.

    It's not so much about the security, but I would like to have some control who can access the onfo. Visitors coming through FB are logged.

Topic Closed

This topic has been closed to new replies.

About this Topic