From d41eaab5cebc7cbad71840bc4dff00bdc90e609e Mon Sep 17 00:00:00 2001
From: saxmatt <saxmatt@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Wed, 20 Aug 2003 22:59:20 +0000
Subject: [PATCH] Password protected posts!

git-svn-id: http://svn.automattic.com/wordpress/trunk@323 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 b2-include/b2template.functions.php | 27 ++++++++++++++++++++++++---
 wp-pass.php                         | 12 ++++++++++++
 2 files changed, 36 insertions(+), 3 deletions(-)
 create mode 100644 wp-pass.php

diff --git a/b2-include/b2template.functions.php b/b2-include/b2template.functions.php
index 1ecc7ac5fae..90936298819 100644
--- a/b2-include/b2template.functions.php
+++ b/b2-include/b2template.functions.php
@@ -522,7 +522,10 @@ function the_title_unicode($before='',$after='') {
 function get_the_title() {
 	global $id, $post;
 	$output = stripslashes($post->post_title);
-	return($output);
+	if (!empty($post->post_password)) { // if there's a password
+		$output = 'Protected: ' . $output;
+	}
+	return $output;
 }
 
 function the_content($more_link_text='(more...)', $stripteaser=0, $more_file='') {
@@ -580,10 +583,22 @@ function the_content_unicode($more_link_text='(more...)', $stripteaser=0, $more_
 
 function get_the_content($more_link_text='(more...)', $stripteaser=0, $more_file='') {
 	global $id, $post, $more, $c, $withcomments, $page, $pages, $multipage, $numpages;
-	global $HTTP_SERVER_VARS, $preview;
+	global $HTTP_SERVER_VARS, $HTTP_COOKIE_VARS, $preview;
 	global $querystring_start, $querystring_equal, $querystring_separator;
     global $pagenow;
 	$output = '';
+	
+	if (!empty($post->post_password)) { // if there's a password
+		if ($HTTP_COOKIE_VARS['wp-postpass'] != $post->post_password) {  // and it doesn't match the cookie
+			$output = "<form action='$siteurl/wp-pass.php' method='post'>
+			<p>This post is password protected. To view it please enter your password below:</p>
+			<p><label>Password: <input name='post_password' type='text' size='20' /></label> <input type='submit' name='Submit' value='Submit' /></p>
+			</form>
+			";
+			return $output;
+		}
+	}
+
 	if ($more_file != '') {
 		$file = $more_file;
 	} else {
@@ -666,9 +681,15 @@ function the_excerpt_unicode() {
 
 function get_the_excerpt($fakeit = false) {
 	global $id, $post;
-	global $HTTP_SERVER_VARS, $preview;
+	global $HTTP_SERVER_VARS, $HTTP_COOKIE_VARS, $preview;
 	$output = '';
 	$output = $post->post_excerpt;
+	if (!empty($post->post_password)) { // if there's a password
+		if ($HTTP_COOKIE_VARS['wp-postpass'] != $post->post_password) {  // and it doesn't match the cookie
+			$output = "There is no excerpt because this is a protected post.";
+			return $output;
+		}
+	}
     //if we haven't got an excerpt, make one in the style of the rss ones
     if (($output == '') && $fakeit) {
         $output = get_the_content();
diff --git a/wp-pass.php b/wp-pass.php
new file mode 100644
index 00000000000..852bb611d52
--- /dev/null
+++ b/wp-pass.php
@@ -0,0 +1,12 @@
+<?php
+
+/*
+  This is just a very simple script to set a cookie with a posted password and redirect back from whence the browser came.
+  It doesn't need to connect to the DB, or do anything fancy at all. Yum.
+  -- Matt
+*/
+
+setcookie('wp-postpass', $HTTP_POST_VARS['post_password'], time()+60*60*24*30);
+header('Location: ' . $HTTP_SERVER_VARS['HTTP_REFERER']);
+
+?>
\ No newline at end of file