public
Last active

Custom Post Password Cookie Expiry Time

  • Download Gist
gistfile1.php
PHP
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31
<?php /*
 
**************************************************************************
 
Plugin Name: Custom Post Password Cookie Expiry Time
Description: WordPress doesn't allow you to customize how long a post password cookie lasts. This plugin allows you to customize that value;
Version: 1.0.0
Author: Alex Mills (Viper007Bond)
Author URI: http://www.viper007bond.com/
 
**************************************************************************/
 
/**
* Hook in right before the normal stuff fires in wp-login.php and set the cookie ourself
*/
add_action( 'login_form_postpass', 'login_form_postpass_custom_expiry' );
 
function login_form_postpass_custom_expiry() {
global $wp_hasher;
 
if ( empty( $wp_hasher ) ) {
require_once( ABSPATH . 'wp-includes/class-phpass.php' );
// By default, use the portable hash from phpass
$wp_hasher = new PasswordHash(8, true);
}
 
setcookie( 'wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword( stripslashes( $_POST['post_password'] ) ), time() + 14400, COOKIEPATH );
 
wp_safe_redirect( wp_get_referer() );
exit();
}

Viper, just to confirm - I paste this in the top of wp-login.php? I completely forgot since Sat when we met.

er...functions.php of my theme...

Yes, your theme's functions.php or a plugin. Either will work.

Side note: here's the core ticket I opened about this issue: http://core.trac.wordpress.org/ticket/21466

A plugin would probably be better though -- that's what I wrote this code as (the stuff at the top of the code). You can just paste it into a new .php file, upload it to your /wp-content/plugins/ folder, and then activate it. Probably better than using your theme for this.

As of http://core.trac.wordpress.org/changeset/25450 this plugin is no longer needed.

Just hook into the new filter and return your own value.

Please sign in to comment on this gist.

Something went wrong with that request. Please try again.