trepmal · July 16, 2017 12:14 · trepmal · Oct 31, 2013 · diogo15 · Dec 11, 2013
diff --git a/ajax-password-protected.php b/ajax-password-protected.php
 <?php
 /*
 Plugin Name: Ajax Password Protected
 Plugin URI: https://github.com/trepmal/ajax-password-protected
 Description: Ajax-ified password-protected form
 Version: 0.1
 Author: Kailey Lampert
 Author URI: http://kaileylampert.com

 Copyright (C) 2012  Kailey Lampert

 This program is free software: you can redistribute it and/or modify
 it under the terms of the GNU General Public License as published by
 the Free Software Foundation, either version 3 of the License, or
 (at your option) any later version.

 This program is distributed in the hope that it will be useful,
 but WITHOUT ANY WARRANTY; without even the implied warranty of
 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 GNU General Public License for more details.

 You should have received a copy of the GNU General Public License
 along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */

 new Ajax_Password_Protected();

 class Ajax_Password_Protected {

 	function __construct() {
 		add_action( 'wp_ajax_do_post_password', array( &$this, 'do_x_post_password_cb' ) );
 		add_action( 'wp_ajax_nopriv_do_post_password', array( &$this, 'do_x_post_password_cb' ) );
 		add_action( 'wp_enqueue_scripts', array( &$this, 'script1' ) );
 		add_action( 'wp_footer', array( &$this, 'script2' ) );
 	}

 	function do_x_post_password_cb() {

 		//snag from wp-login.php:386-393
 		require_once( ABSPATH . 'wp-includes/class-phpass.php' );
 		// By default, use the portable hash from phpass
 		$wp_hasher = new PasswordHash(8, true);
 		// 10 days
 		setcookie( 'wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword( stripslashes( $_POST['pass'] ) ), time() + 864000, COOKIEPATH );
 		//fake it so it's available in the loop below
 		$_COOKIE['wp-postpass_' . COOKIEHASH] = $wp_hasher->HashPassword( stripslashes( $_POST['pass'] ) );

 		$q = new WP_Query( "p={$_POST['pid']}" );
 		if ( $q->have_posts() ) : while( $q->have_posts() ) : $q->the_post();

 			$error = false;
 			if ( post_password_required() ) {
 				$error = true;
 			}
 			ob_start();
 			echo '<a href="'; the_permalink(); echo '">';
 			the_title();
 			echo '</a>';
 			$title = ob_get_clean();
 			@ob_end_flush();

 			ob_start();
 			the_content();
 			$content = ob_get_clean();
 			@ob_end_flush();

 		endwhile; endif;
 		wp_reset_postdata();

 		$return = array( 'title' => $title, 'content' => $content, 'error' => '' );

 		if ($error)
 			$return['error'] = 'Invalid password';

 		die( json_encode( $return ) );
 	}

 	//lazily doing my best to get jquery available before my script below
 	function script1() {
 		wp_enqueue_script('jquery');
 	}
 	function script2() {
 		?><script>
 			jQuery(document).ready( function($) {
 				$('.post-password-required').on( 'submit', 'form[action$="postpass"]', function( ev ) {

 					ev.preventDefault();

 					var id = $(this).find('label').attr('for').replace('pwbox-', ''),
 						ajaxurl = '<?php echo admin_url('admin-ajax.php'); ?>',
 						loading = '<?php echo admin_url('images/loading.gif'); ?>';

 					//we don't need to undo this later since the content will be replaced
 					$(this).find('input[type="submit"]').css({
 						'background-image': 'url('+loading+')',
 						'background-position': '92% 50%',
 						'background-repeat': 'no-repeat',
 						'padding-right': '25px'
 					}).attr('disabled','disabled');

 					$.post( ajaxurl, {
 						action: 'do_post_password', // this was registered in the 'wp_ajax_' action hook
 						pass: $(this).find('input[name="post_password"]').val(),
 						pid: id 
 					}, function( response ) {

 						if ( response.error != '' ) {
 							//prepend notice to password form
 							response.content = '<p class="error" style="background:#fcc;padding:10px;">'+ response.error+'</p>' + response.content;
 						} else {
 							//only change the title if there was no error
 							$('#post-'+id).find('.entry-title').html( response.title );
 						}
 						//replace content either way
 						$('#post-'+id).find('.entry-content').html( response.content );

 						// console.log( response );

 					}, 'json' );
 				});
 			});
 		</script><?php
 	}

 }
	<?php
	/*
	Plugin Name: Ajax Password Protected
	Plugin URI: https://github.com/trepmal/ajax-password-protected
	Description: Ajax-ified password-protected form
	Version: 0.1
	Author: Kailey Lampert
	Author URI: http://kaileylampert.com

	Copyright (C) 2012 Kailey Lampert

	This program is free software: you can redistribute it and/or modify
	it under the terms of the GNU General Public License as published by
	the Free Software Foundation, either version 3 of the License, or
	(at your option) any later version.

	This program is distributed in the hope that it will be useful,
	but WITHOUT ANY WARRANTY; without even the implied warranty of
	MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
	GNU General Public License for more details.

	You should have received a copy of the GNU General Public License
	along with this program. If not, see <http://www.gnu.org/licenses/>.
	*/

	new Ajax_Password_Protected();

	class Ajax_Password_Protected {

	function __construct() {
	add_action( 'wp_ajax_do_post_password', array( &$this, 'do_x_post_password_cb' ) );
	add_action( 'wp_ajax_nopriv_do_post_password', array( &$this, 'do_x_post_password_cb' ) );
	add_action( 'wp_enqueue_scripts', array( &$this, 'script1' ) );
	add_action( 'wp_footer', array( &$this, 'script2' ) );
	}

	function do_x_post_password_cb() {

	//snag from wp-login.php:386-393
	require_once( ABSPATH . 'wp-includes/class-phpass.php' );
	// By default, use the portable hash from phpass
	$wp_hasher = new PasswordHash(8, true);
	// 10 days
	setcookie( 'wp-postpass_' . COOKIEHASH, $wp_hasher->HashPassword( stripslashes( $_POST['pass'] ) ), time() + 864000, COOKIEPATH );
	//fake it so it's available in the loop below
	$_COOKIE['wp-postpass_' . COOKIEHASH] = $wp_hasher->HashPassword( stripslashes( $_POST['pass'] ) );

	$q = new WP_Query( "p={$_POST['pid']}" );
	if ( $q->have_posts() ) : while( $q->have_posts() ) : $q->the_post();

	$error = false;
	if ( post_password_required() ) {
	$error = true;
	}
	ob_start();
	echo '<a href="'; the_permalink(); echo '">';
	the_title();
	echo '</a>';
	$title = ob_get_clean();
	@ob_end_flush();

	ob_start();
	the_content();
	$content = ob_get_clean();
	@ob_end_flush();

	endwhile; endif;
	wp_reset_postdata();

	$return = array( 'title' => $title, 'content' => $content, 'error' => '' );

	if ($error)
	$return['error'] = 'Invalid password';

	die( json_encode( $return ) );
	}

	//lazily doing my best to get jquery available before my script below
	function script1() {
	wp_enqueue_script('jquery');
	}
	function script2() {
	?><script>
	jQuery(document).ready( function($) {
	$('.post-password-required').on( 'submit', 'form[action$="postpass"]', function( ev ) {

	ev.preventDefault();

	var id = $(this).find('label').attr('for').replace('pwbox-', ''),
	ajaxurl = '<?php echo admin_url('admin-ajax.php'); ?>',
	loading = '<?php echo admin_url('images/loading.gif'); ?>';

	//we don't need to undo this later since the content will be replaced
	$(this).find('input[type="submit"]').css({
	'background-image': 'url('+loading+')',
	'background-position': '92% 50%',
	'background-repeat': 'no-repeat',
	'padding-right': '25px'
	}).attr('disabled','disabled');

	$.post( ajaxurl, {
	action: 'do_post_password', // this was registered in the 'wp_ajax_' action hook
	pass: $(this).find('input[name="post_password"]').val(),
	pid: id
	}, function( response ) {

	if ( response.error != '' ) {
	//prepend notice to password form
	response.content = '<p class="error" style="background:#fcc;padding:10px;">'+ response.error+'</p>' + response.content;
	} else {
	//only change the title if there was no error
	$('#post-'+id).find('.entry-title').html( response.title );
	}
	//replace content either way
	$('#post-'+id).find('.entry-content').html( response.content );

	// console.log( response );

	}, 'json' );
	});
	});
	</script><?php
	}

	}