Password protected page with a form submits for me fine but for others redirects them back to the password prompt

admin管理员组

文章数量:1322866

I have a custom coded page (using a page-xxx.php template). This page defined in the /Pages area of the WP admin has password protection.

The content in my custom template is a form and so that is naturally what you see once past the PW prompt I've setup. The issue is that for some users (not me, I've never been able to recreate the issue) is that when they have completed the form, upon submitting it, instead of reloading the same page with a success msg it reloads the same page but it doesn't seem to remember that they have already got past the password prompt.

Can anyone assist troubleshooting this? I don't know how a password protected WP page is functioning (via session vars/cookies?) but I had assumed that once past it, you could reload it/submit a form on it and you wouldn't need to then get past the PW again.

Can anyone clarify this?

I have a custom coded page (using a page-xxx.php template). This page defined in the /Pages area of the WP admin has password protection.

The content in my custom template is a form and so that is naturally what you see once past the PW prompt I've setup. The issue is that for some users (not me, I've never been able to recreate the issue) is that when they have completed the form, upon submitting it, instead of reloading the same page with a success msg it reloads the same page but it doesn't seem to remember that they have already got past the password prompt.

Can anyone assist troubleshooting this? I don't know how a password protected WP page is functioning (via session vars/cookies?) but I had assumed that once past it, you could reload it/submit a form on it and you wouldn't need to then get past the PW again.

Can anyone clarify this?

• forms
• password

Share Improve this question edited Sep 19, 2020 at 21:52 AdamJones asked Sep 11, 2020 at 17:45 AdamJonesAdamJones 32822 gold badges77 silver badges2626 bronze badges 1

• Your suspicion is correct, a cookie is set when the correct password is entered. It has the name wp-postpass_* where * is the md5 of the password. For those who are being asked for the password again, first check if they see the cookie set. If they do, then perhaps your site is caching the page too aggressively. – Brooke. Commented Sep 19, 2020 at 18:42

Add a comment  | 

1 Answer 1

Sorted by: Reset to default 5 +50

When a user logs into a protected page, WordPress sets a cookie. We can check for the existence of that cookie with this conditional:

if ( isset( $_COOKIE['wp-postpass_' . COOKIEHASH] ) ) {
  // Do stuff. 
}

Also, you should be aware that only one password is stored in cookies at a time, to the last entry viewed.

By default, the cookie expires 10 days from creation

If you need to change

add_filter('post_password_expires', 'true_change_pass_exp', 10, 1);
function true_change_pass_exp( $exp ){
    return time() + 5 * DAY_IN_SECONDS; // 5 days
}

本文标签：