[resolved] wp-pass.php - Timeout not working after update to 3.4.1 (15 posts)

  1. Ricke 59
    Posted 4 years ago #

    After having updated my site to run WP 3.4.1 I realise that the timeout for password protected pages which I had shortened to 15 minutes is no longer in effect.

    The file wp-pass.php has the same content as before the update whilst all other files except wp-cnfig.php and wp-register.php. All three have older dates.

    Does anyone have any suggestion on how to restore the time-out functionality?

    The updating was done by using the Adminpanel automated way with widgets and templates checked.

  2. Ricke 59
    Posted 4 years ago #

    Is it realy true that wp-pass.php isn't being used anymore. If this is the case then where do I change the time-out time for my password protected pages?

  3. Ricke 59
    Posted 4 years ago #

    Question reopened under the Installation section, I believe it's better posted there.

  4. Please don't do that, we close duplicates when we find them.

    This is in the correct forum, the Installation section is for having installation problems. This topic really is more "How-To and Troubleshooting".

  5. Ricke 59
    Posted 4 years ago #

    Ok, sorry for that, but I felt the other section was more right since the update don't include this file wp-pass.php anymore.

    But ok, let's hope for some good answer here since I find it hard to believe that it won't be possibe to adjust the timeout time for password protected pages.

  6. Ricke 59
    Posted 4 years ago #

    Will you then please also remove the flag Resolved!
    Sorry, just realised I could do that by myself.

  7. Will you then please also remove the flag Resolved!

    Yes. I did almost an hour ago when I closed your duplicate, this thread is marked "not resolved".

  8. Ricke 59
    Posted 4 years ago #

    [ Moderator Note: Please post code or markup snippets between backticks or
    use the code button. ]

    wp-pass.php isn't a part of the update 3.4.1 but the functionality is still there ???
    I made a local disk search for a cookie file with a content of wp-postpass which was a part of the old files "to do"

     * Creates the password cookie and redirects back to where the
     * visitor was before.
     * @package WordPress
    /** Make sure that the WordPress bootstrap has run before continuing. */
    require( dirname(__FILE__) . '/wp-load.php');
    // 10 days, I changed to 15min=900
    setcookie('wp-postpass_' . COOKIEHASH, stripslashes( $_POST['post_password'] ), time() + 900, COOKIEPATH);

    I found such a cookie file with a nonsense name.
    I deleted that file and now wordpress is asking for my password to the protected pages.
    After adding the password I once again search for the cookie and it's there again with a different name and wordpress is no longer asking for the password.

    So the file wp-pass.php isn't there anymore, but the same funcionality exists as before.

    So the question now is ofcourse, where is the wp-pass.php functionality hidden/embedded?

  9. Ricke 59
    Posted 3 years ago #

    After having googled a lot I've found the solution to the problem of not being able to set the timeout time after entering the password on a password protected page.

    What was before the update to 3.4.1 done in the file wp-pass.php must now be done in the file wp-login.php, and it's to be done on line 393.

    Example where I've changed to 900 = 15 minutes

    // 10 days 864000 ändrat till 900 = 15 min
    setcookie( 'wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword( stripslashes( $_POST['post_password'] ) ), time() + 900, COOKIEPATH )
  10. Stefan Matei
    Posted 3 years ago #

    Thank you so much Ricke 59, I've been looking for this forever!

  11. jampafoo
    Posted 3 years ago #

    Thanks Ricke 59! I'd been looking for that wp-pass.php!

  12. kmac99
    Posted 3 years ago #

    Thank you so much!! I've been searching high and low for this answer. I don't know how many times I've changed wp-pass.php, closed browsers, cleared cache, blah blah blah... with no luck. wp-login.php line 393 was the magic trick - thank you!!

  13. caltuna123
    Posted 3 years ago #

    Any change to this file will only work until the next update. Is there any way to change the "life" of the password cookie in an upgrade-safe file? Could you put wp-login.php in a child theme?

  14. bobh1
    Posted 3 years ago #

    Thanks Ricke 59, I am having trouble working out where to put the 60 sec timeout time I want.
    The code is below.
    Would you please tell me what to change.
    Sorry it probably obvious but I just can't work it out

    // 10 days
    setcookie( 'wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword( stripslashes( $_POST['post_password'] ) ), time() + 10 * DAY_IN_SECONDS, COOKIEPATH );

  15. Ricke 59
    Posted 3 years ago #


    The value is 864000 from start and it = 10 days
    900 from my example = 15 minutes
    If you like 60 seconds then the value should be 60 as it should be entered in seconds.

    Ref: ... time() + 900, ...

Topic Closed

This topic has been closed to new replies.

About this Topic