post_password_required

The timeline below displays how wordpress function post_password_required has changed across different WordPress versions. If a version is not listed, refer to the next available version below.

WordPress Version: 6.3

/**
 * Determines whether the post requires password and whether a correct password has been provided.
 *
 * @since 2.7.0
 *
 * @param int|WP_Post|null $post An optional post. Global $post used if not provided.
 * @return bool false if a password is not required or the correct password cookie is present, true otherwise.
 */
function post_password_required($post = null)
{
    $post = get_post($post);
    if (empty($post->post_password)) {
        /** This filter is documented in wp-includes/post-template.php */
        return apply_filters('post_password_required', false, $post);
    }
    if (!isset($_COOKIE['wp-postpass_' . COOKIEHASH])) {
        /** This filter is documented in wp-includes/post-template.php */
        return apply_filters('post_password_required', true, $post);
    }
    require_once ABSPATH . WPINC . '/class-phpass.php';
    $hasher = new PasswordHash(8, true);
    $hash = wp_unslash($_COOKIE['wp-postpass_' . COOKIEHASH]);
    if (!str_starts_with($hash, '$P$B')) {
        $required = true;
    } else {
        $required = !$hasher->CheckPassword($post->post_password, $hash);
    }
    /**
     * Filters whether a post requires the user to supply a password.
     *
     * @since 4.7.0
     *
     * @param bool    $required Whether the user needs to supply a password. True if password has not been
     *                          provided or is incorrect, false if password has been supplied or is not required.
     * @param WP_Post $post     Post object.
     */
    return apply_filters('post_password_required', $required, $post);
}

WordPress Version: 6.1

/**
 * Determines whether the post requires password and whether a correct password has been provided.
 *
 * @since 2.7.0
 *
 * @param int|WP_Post|null $post An optional post. Global $post used if not provided.
 * @return bool false if a password is not required or the correct password cookie is present, true otherwise.
 */
function post_password_required($post = null)
{
    $post = get_post($post);
    if (empty($post->post_password)) {
        /** This filter is documented in wp-includes/post-template.php */
        return apply_filters('post_password_required', false, $post);
    }
    if (!isset($_COOKIE['wp-postpass_' . COOKIEHASH])) {
        /** This filter is documented in wp-includes/post-template.php */
        return apply_filters('post_password_required', true, $post);
    }
    require_once ABSPATH . WPINC . '/class-phpass.php';
    $hasher = new PasswordHash(8, true);
    $hash = wp_unslash($_COOKIE['wp-postpass_' . COOKIEHASH]);
    if (0 !== strpos($hash, '$P$B')) {
        $required = true;
    } else {
        $required = !$hasher->CheckPassword($post->post_password, $hash);
    }
    /**
     * Filters whether a post requires the user to supply a password.
     *
     * @since 4.7.0
     *
     * @param bool    $required Whether the user needs to supply a password. True if password has not been
     *                          provided or is incorrect, false if password has been supplied or is not required.
     * @param WP_Post $post     Post object.
     */
    return apply_filters('post_password_required', $required, $post);
}

WordPress Version: 5.8

/**
 * Whether post requires password and correct password has been provided.
 *
 * @since 2.7.0
 *
 * @param int|WP_Post|null $post An optional post. Global $post used if not provided.
 * @return bool false if a password is not required or the correct password cookie is present, true otherwise.
 */
function post_password_required($post = null)
{
    $post = get_post($post);
    if (empty($post->post_password)) {
        /** This filter is documented in wp-includes/post-template.php */
        return apply_filters('post_password_required', false, $post);
    }
    if (!isset($_COOKIE['wp-postpass_' . COOKIEHASH])) {
        /** This filter is documented in wp-includes/post-template.php */
        return apply_filters('post_password_required', true, $post);
    }
    require_once ABSPATH . WPINC . '/class-phpass.php';
    $hasher = new PasswordHash(8, true);
    $hash = wp_unslash($_COOKIE['wp-postpass_' . COOKIEHASH]);
    if (0 !== strpos($hash, '$P$B')) {
        $required = true;
    } else {
        $required = !$hasher->CheckPassword($post->post_password, $hash);
    }
    /**
     * Filters whether a post requires the user to supply a password.
     *
     * @since 4.7.0
     *
     * @param bool    $required Whether the user needs to supply a password. True if password has not been
     *                          provided or is incorrect, false if password has been supplied or is not required.
     * @param WP_Post $post     Post object.
     */
    return apply_filters('post_password_required', $required, $post);
}

WordPress Version: 4.9

/**
 * Whether post requires password and correct password has been provided.
 *
 * @since 2.7.0
 *
 * @param int|WP_Post|null $post An optional post. Global $post used if not provided.
 * @return bool false if a password is not required or the correct password cookie is present, true otherwise.
 */
function post_password_required($post = null)
{
    $post = get_post($post);
    if (empty($post->post_password)) {
        /** This filter is documented in wp-includes/post-template.php */
        return apply_filters('post_password_required', false, $post);
    }
    if (!isset($_COOKIE['wp-postpass_' . COOKIEHASH])) {
        /** This filter is documented in wp-includes/post-template.php */
        return apply_filters('post_password_required', true, $post);
    }
    require_once ABSPATH . WPINC . '/class-phpass.php';
    $hasher = new PasswordHash(8, true);
    $hash = wp_unslash($_COOKIE['wp-postpass_' . COOKIEHASH]);
    if (0 !== strpos($hash, '$P$B')) {
        $required = true;
    } else {
        $required = !$hasher->CheckPassword($post->post_password, $hash);
    }
    /**
     * Filters whether a post requires the user to supply a password.
     *
     * @since 4.7.0
     *
     * @param bool    $required Whether the user needs to supply a password. True if password has not been
     *                          provided or is incorrect, false if password has been supplied or is not required.
     * @param WP_Post $post     Post data.
     */
    return apply_filters('post_password_required', $required, $post);
}

WordPress Version: 4.8

/**
 * Whether post requires password and correct password has been provided.
 *
 * @since 2.7.0
 *
 * @param int|WP_Post|null $post An optional post. Global $post used if not provided.
 * @return bool false if a password is not required or the correct password cookie is present, true otherwise.
 */
function post_password_required($post = null)
{
    $post = get_post($post);
    if (empty($post->post_password)) {
        /** This filter is documented in wp-includes/post.php */
        return apply_filters('post_password_required', false, $post);
    }
    if (!isset($_COOKIE['wp-postpass_' . COOKIEHASH])) {
        /** This filter is documented in wp-includes/post.php */
        return apply_filters('post_password_required', true, $post);
    }
    require_once ABSPATH . WPINC . '/class-phpass.php';
    $hasher = new PasswordHash(8, true);
    $hash = wp_unslash($_COOKIE['wp-postpass_' . COOKIEHASH]);
    if (0 !== strpos($hash, '$P$B')) {
        $required = true;
    } else {
        $required = !$hasher->CheckPassword($post->post_password, $hash);
    }
    /**
     * Filters whether a post requires the user to supply a password.
     *
     * @since 4.7.0
     *
     * @param bool    $required Whether the user needs to supply a password. True if password has not been
     *                          provided or is incorrect, false if password has been supplied or is not required.
     * @param WP_Post $post     Post data.
     */
    return apply_filters('post_password_required', $required, $post);
}

WordPress Version: 4.7

/**
 * Whether post requires password and correct password has been provided.
 *
 * @since 2.7.0
 *
 * @param int|WP_Post|null $post An optional post. Global $post used if not provided.
 * @return bool false if a password is not required or the correct password cookie is present, true otherwise.
 */
function post_password_required($post = null)
{
    $post = get_post($post);
    if (empty($post->post_password)) {
        /** This filter is documented in wp-includes/post.php */
        return apply_filters('post_password_required', false, $post);
    }
    if (!isset($_COOKIE['wp-postpass_' . COOKIEHASH])) {
        /** This filter is documented in wp-includes/post.php */
        return apply_filters('post_password_required', true, $post);
    }
    $hasher = new PasswordHash(8, true);
    $hash = wp_unslash($_COOKIE['wp-postpass_' . COOKIEHASH]);
    if (0 !== strpos($hash, '$P$B')) {
        $required = true;
    } else {
        $required = !$hasher->CheckPassword($post->post_password, $hash);
    }
    /**
     * Filters whether a post requires the user to supply a password.
     *
     * @since 4.7.0
     *
     * @param bool    $required Whether the user needs to supply a password. True if password has not been
     *                          provided or is incorrect, false if password has been supplied or is not required.
     * @param WP_Post $post     Post data.
     */
    return apply_filters('post_password_required', $required, $post);
}

WordPress Version: 4.3

/**
 * Whether post requires password and correct password has been provided.
 *
 * @since 2.7.0
 *
 * @param int|WP_Post|null $post An optional post. Global $post used if not provided.
 * @return bool false if a password is not required or the correct password cookie is present, true otherwise.
 */
function post_password_required($post = null)
{
    $post = get_post($post);
    if (empty($post->post_password)) {
        return false;
    }
    if (!isset($_COOKIE['wp-postpass_' . COOKIEHASH])) {
        return true;
    }
    require_once ABSPATH . WPINC . '/class-phpass.php';
    $hasher = new PasswordHash(8, true);
    $hash = wp_unslash($_COOKIE['wp-postpass_' . COOKIEHASH]);
    if (0 !== strpos($hash, '$P$B')) {
        return true;
    }
    return !$hasher->CheckPassword($post->post_password, $hash);
}

WordPress Version: 4.0

/**
 * Whether post requires password and correct password has been provided.
 *
 * @since 2.7.0
 *
 * @param int|WP_Post $post An optional post. Global $post used if not provided.
 * @return bool false if a password is not required or the correct password cookie is present, true otherwise.
 */
function post_password_required($post = null)
{
    $post = get_post($post);
    if (empty($post->post_password)) {
        return false;
    }
    if (!isset($_COOKIE['wp-postpass_' . COOKIEHASH])) {
        return true;
    }
    require_once ABSPATH . WPINC . '/class-phpass.php';
    $hasher = new PasswordHash(8, true);
    $hash = wp_unslash($_COOKIE['wp-postpass_' . COOKIEHASH]);
    if (0 !== strpos($hash, '$P$B')) {
        return true;
    }
    return !$hasher->CheckPassword($post->post_password, $hash);
}

WordPress Version: 3.7

/**
 * Whether post requires password and correct password has been provided.
 *
 * @since 2.7.0
 *
 * @param int|WP_Post $post An optional post. Global $post used if not provided.
 * @return bool false if a password is not required or the correct password cookie is present, true otherwise.
 */
function post_password_required($post = null)
{
    $post = get_post($post);
    if (empty($post->post_password)) {
        return false;
    }
    if (!isset($_COOKIE['wp-postpass_' . COOKIEHASH])) {
        return true;
    }
    require_once ABSPATH . 'wp-includes/class-phpass.php';
    $hasher = new PasswordHash(8, true);
    $hash = wp_unslash($_COOKIE['wp-postpass_' . COOKIEHASH]);
    if (0 !== strpos($hash, '$P$B')) {
        return true;
    }
    return !$hasher->CheckPassword($post->post_password, $hash);
}