I’m also getting this problem. I can no longer view password protected posts/pages. I get redirected to my Error 404 page when I try to enter a valid password for post/page.
If I disable the plugin, no problems.
Thanks, I’ll fix this today!
Do you have the latest version, 2.1.1, installed? It works for me…
If you’re using a caching plugin, make sure you purge the cache and refresh the page.
Please let me know if it still doesn’t work, so I can fix it if there is indeed a problem.
I’m running WordPress 3.8 and plugin version 2.1.1. I also verified that I am not using any caching plugin. To be safe, I also used an incognito window in Chrome so that it wasn’t pulling from a cache on my computer either.
I tried making the page public and then changing it back to password protected in WordPress. The form still points to the default page when WordPress automatically adds this:
<form class=”protected-post-form” action=”http://aespeo.com/wp-login.php?action=postpass” method=”post”>
The one thing I did find interesting is instead of the normal “Page Not Found” page title, the page title changes to “November 30,0001 Archives” when it brings up the 404 error. Not sure if that will help.
If you need to know anything else, please let me know.
Is http://aespeo.com your website? I can access http://aespeo.com/wp-login.php, which shouldn’t be possible with this plugin.
Yes, that is the website that uses a password protected page. I have your plugin disabled at the moment because I need the website to work for my client since it is live. If you want me to enable your plugin for testing for about an hour or so, please let me know.
What plugins and theme do you use? Something must be filtering the password form with the_password_form.
A normal password form has the text: This content is password protected. To view it please enter your password below:
Yours has the text: This page is password protected. To view it please enter your password below:
The html of the form is also slightly different…
I am using Pagelines Framework 2.4.4 as the theme.
Plugins include:
Block Bad Queries (BBQ)
Custom Contact Forms
HiFi
Pagelines Customize (DISABLED)
Protected Posts Logout Button
Rename wp-login.php
Wordfence Security
WordPress SEO
WP-Filebase
I’ve tried disabling both the Block Bad Queries and Protected Posts Logout Button plugins as those might have been issues. But it wasn’t them as the issue continued when they were disabled. I can try to dig around the Pagelines theme to see if it is hardcoded in there somewhere.
Thanks, that’d be useful. Just search your entire wp-content for wp-login.php and see if it’s hardcoded anywhere. As long as it has site_url() wrapped around it (not just before it), it’s fine.
I fear it has been barcoded somewhere. The standard password form uses site_url(), which the plugin filters.
What you could also do is try an earlier version of this plugin, e.g. http://downloads.wordpress.org/plugin/rename-wp-login.1.9.zip and see if you have the same problem. It just filters slightly differently, so it’s be useful to know if that one does work.
Unfortunately Pagelines Framework is a premium theme… :/
I tried version 1.9, but that didn’t work either. I will search through wp-content to see if I can find something that is changing the password field. And yes, it is a premium theme, which has been replaced by Pagelines DMS now. Let me see if I can find anything inside the theme that is causing an issue.
That’s a lot! It’s just weird that two people have the same issue on the same day…
Wondering if it is something I did, but I did find where it is being changed. Inside the theme’s functions.php, I found this code:
add_filter( 'the_password_form', 'custom_password_form' );
function custom_password_form() {
global $post;
$label = 'pwbox-'.( empty( $post->ID ) ? rand() : $post->ID );
$o = '<form class="protected-post-form" action="' . get_option('siteurl') . '/wp-login.php?action=postpass" method="post">
' . __( "This page is password protected. To view it please enter your password below:" ) . '
<br /><label for="' . $label . '">' . __( "Password:" ) . ' </label><input name="post_password" id="' . $label . '" type="password" size="20" /><input type="submit" name="Submit" value="' . esc_attr__( "Submit" ) . '" />
</form>
';
return $o;
}
What should I change the action="" to on the form so it would work properly with your plugin?
I would remove that whole part tbh. It doesn’t do much differently from core.
See: https://github.com/WordPress/WordPress/blob/master/wp-includes/post-template.php#L1238
But if you insist on keeping it:
action="' . esc_url( site_url( 'wp-login.php?action=postpass', 'login_post' ) ) . '"
Actually, I can’t remember why I added that form. It may have been something to do with the wording of the message. Your suggestion does work for the action="". I agree though it is better to stick with the default one, so I removed the function completely from the functions.php file. Works as expected. Thanks for your wonderful help!!!
