From cddfd974e080b234d01cda0f7ad7d0b358816cd2 Mon Sep 17 00:00:00 2001
From: ryan <ryan@1a063a9b-81f0-0310-95a4-ce76da25c4cd>
Date: Wed, 3 Sep 2008 19:54:14 +0000
Subject: [PATCH] post_password_required(). fixes #7679

git-svn-id: http://svn.automattic.com/wordpress/trunk@8800 1a063a9b-81f0-0310-95a4-ce76da25c4cd
---
 wp-content/themes/classic/comments-popup.php |  2 +-
 wp-content/themes/classic/comments.php       |  2 +-
 wp-content/themes/default/comments-popup.php |  2 +-
 wp-content/themes/default/comments.php       | 13 ++----
 wp-includes/comment-template.php             |  8 ++--
 wp-includes/feed.php                         |  6 +--
 wp-includes/post-template.php                | 43 +++++++++++++++-----
 7 files changed, 45 insertions(+), 31 deletions(-)

diff --git a/wp-content/themes/classic/comments-popup.php b/wp-content/themes/classic/comments-popup.php
index 4e0a6057e..b28156436 100644
--- a/wp-content/themes/classic/comments-popup.php
+++ b/wp-content/themes/classic/comments-popup.php
@@ -33,7 +33,7 @@ $commenter = wp_get_current_commenter();
 extract($commenter);
 $comments = get_approved_comments($id);
 $commentstatus = get_post($id);
-if (!empty($commentstatus->post_password) && $_COOKIE['wp-postpass_'. COOKIEHASH] != $commentstatus->post_password) {  // and it doesn't match the cookie
+if ( post_password_required($commentstatus) ) {  // and it doesn't match the cookie
 	echo(get_the_password_form());
 } else { ?>
 
diff --git a/wp-content/themes/classic/comments.php b/wp-content/themes/classic/comments.php
index 4f92f65f7..dc995776f 100644
--- a/wp-content/themes/classic/comments.php
+++ b/wp-content/themes/classic/comments.php
@@ -1,4 +1,4 @@
-<?php if ( !empty($post->post_password) && $_COOKIE['wp-postpass_' . COOKIEHASH] != $post->post_password) : ?>
+<?php if ( post_password_required() ) : ?>
 <p><?php _e('Enter your password to view comments.'); ?></p>
 <?php return; endif; ?>
 
diff --git a/wp-content/themes/default/comments-popup.php b/wp-content/themes/default/comments-popup.php
index a57ff21ce..5f739208f 100644
--- a/wp-content/themes/default/comments-popup.php
+++ b/wp-content/themes/default/comments-popup.php
@@ -33,7 +33,7 @@ $commenter = wp_get_current_commenter();
 extract($commenter);
 $comments = get_approved_comments($id);
 $post = get_post($id);
-if (!empty($post->post_password) && $_COOKIE['wp-postpass_'. COOKIEHASH] != $post->post_password) {  // and it doesn't match the cookie
+if ( post_password_required($post) ) {  // and it doesn't match the cookie
 	echo(get_the_password_form());
 } else { ?>
 
diff --git a/wp-content/themes/default/comments.php b/wp-content/themes/default/comments.php
index 50c594067..8a70c2d9c 100644
--- a/wp-content/themes/default/comments.php
+++ b/wp-content/themes/default/comments.php
@@ -2,15 +2,10 @@
 	if (!empty($_SERVER['SCRIPT_FILENAME']) && 'comments.php' == basename($_SERVER['SCRIPT_FILENAME']))
 		die ('Please do not load this page directly. Thanks!');
 
-	if (!empty($post->post_password)) { // if there's a password
-		if ($_COOKIE['wp-postpass_' . COOKIEHASH] != $post->post_password) {  // and it doesn't match the cookie
-			?>
-
-			<p class="nocomments">This post is password protected. Enter the password to view comments.</p>
-
-			<?php
-			return;
-		}
+	if ( post_password_required() ) { ?>
+		<p class="nocomments">This post is password protected. Enter the password to view comments.</p>
+	<?php
+		return;
 	}
 
 	/* This variable is for alternating comment background */
diff --git a/wp-includes/comment-template.php b/wp-includes/comment-template.php
index 956dc7d86..8a900f988 100644
--- a/wp-includes/comment-template.php
+++ b/wp-includes/comment-template.php
@@ -802,11 +802,9 @@ function comments_popup_link( $zero = 'No Comments', $one = '1 Comment', $more =
 		return;
 	}
 
-	if ( !empty($post->post_password) ) { // if there's a password
-		if ( !isset($_COOKIE['wp-postpass_' . COOKIEHASH]) || $_COOKIE['wp-postpass_' . COOKIEHASH] != $post->post_password ) {  // and it doesn't match the cookie
-			echo __('Enter your password to view comments');
-			return;
-		}
+	if ( post_password_required() ) {
+		echo __('Enter your password to view comments');
+		return;
 	}
 
 	echo '<a href="';
diff --git a/wp-includes/feed.php b/wp-includes/feed.php
index 8d979f69a..a8ae70443 100644
--- a/wp-includes/feed.php
+++ b/wp-includes/feed.php
@@ -394,8 +394,7 @@ function html_type_rss() {
  * @uses get_post_custom() To get the current post enclosure metadata.
  */
 function rss_enclosure() {
-	global $post;
-	if ( !empty($post->post_password) && (!isset($_COOKIE['wp-postpass_'.COOKIEHASH]) || $_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password) )
+	if ( post_password_required() )
 		return;
 
 	foreach ( (array) get_post_custom() as $key => $val) {
@@ -426,8 +425,7 @@ function rss_enclosure() {
  * @uses get_post_custom() To get the current post enclosure metadata.
  */
 function atom_enclosure() {
-	global $post;
-	if ( !empty($post->post_password) && ($_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password) )
+	if ( post_password_required() )
 		return;
 
 	foreach ( (array) get_post_custom() as $key => $val ) {
diff --git a/wp-includes/post-template.php b/wp-includes/post-template.php
index ae6809b1f..a00bb584a 100644
--- a/wp-includes/post-template.php
+++ b/wp-includes/post-template.php
@@ -90,11 +90,9 @@ function get_the_content($more_link_text = NULL, $stripteaser = 0, $more_file =
 
 	$output = '';
 
-	if ( !empty($post->post_password) ) { // if there's a password
-		if ( !isset($_COOKIE['wp-postpass_'.COOKIEHASH]) || stripslashes($_COOKIE['wp-postpass_'.COOKIEHASH]) != $post->post_password ) {	// and it doesn't match the cookie
-			$output = get_the_password_form();
-			return $output;
-		}
+	if ( post_password_required($post) ) {	// If post password required and it doesn't match the cookie
+		$output = get_the_password_form();
+		return $output;
 	}
 
 	if ( $more_file != '' )
@@ -145,11 +143,9 @@ function get_the_excerpt($deprecated = '') {
 	global $post;
 	$output = '';
 	$output = $post->post_excerpt;
-	if ( !empty($post->post_password) ) { // if there's a password
-		if ( !isset($_COOKIE['wp-postpass_'.COOKIEHASH]) || $_COOKIE['wp-postpass_'.COOKIEHASH] != $post->post_password ) {  // and it doesn't match the cookie
-			$output = __('There is no excerpt because this is a protected post.');
-			return $output;
-		}
+	if ( post_password_required($post) ) {
+		$output = __('There is no excerpt because this is a protected post.');
+		return $output;
 	}
 
 	return apply_filters('get_the_excerpt', $output);
@@ -227,6 +223,33 @@ function get_post_class( $class = '', $post_id = null ) {
 	return apply_filters('post_class', $classes, $class, $post_id);
 }
 
+/**
+ * Determines if post requires a password and if the correct password has been provided
+ *
+ * {@internal Missing Long Description}}
+ *
+ * @package WordPress
+ * @subpackage Post
+ * @since 2.7
+ *
+ * @param int|object $post An optional post.  Global $post used if not provided.
+ * @return bool false if a password is not required or the correct password cookie is present, true otherwise
+ */
+function post_password_required( $post = null ) {
+	$post = get_post($post);
+
+	if ( empty($post->post_password) )
+		return false;
+
+	if ( !isset($_COOKIE['wp-postpass_' . COOKIEHASH]) )
+		return true;
+
+	if ( $_COOKIE['wp-postpass_' . COOKIEHASH] != $post->post_password )
+		return true;
+
+	return false;
+}
+
 /**
  * Echo "sticky" CSS class if a post is sticky
  *