How do i let a person access a WordPress protected page having a URL which will submit the password within the form below?

I wish to have the ability to let a person reach your password protected WordPress page without requiring to type the password, then when they visit the page, the password is posted with a Publish URL on-page load.

This not supposed to have been secure whatsoever I'll have to hardcode the password within the URL and also the PHP. It is simply for simplicity for that user.

Edit 4/19/10: According to solutions below, you can set a cookie straight to allow customers to not need to enter your password. Letting search bots was most effectively achieved by discovering the consumer agent and redirecting, as bots aren't going to cope with snacks.

This is actually the form (that is WordPress core code):

<form action="" method="post">

Password: <input name="post_password" type="password" size="20" />

<input type="submit" name="Submit" value="Submit" /></form>

This really is wordpress-pass.php (that is WordPress core code):

require( dirname(__FILE__) . '/wp-load.php');

if ( get_magic_quotes_gpc() )
    $_POST['post_password'] = stripslashes($_POST['post_password']);

setcookie('wp-postpass_' . COOKIEHASH, $_POST['post_password'], time() + 864000, COOKIEPATH);


If you wish to do that without editing WP's core, you should use cURL to simulate Publish variables such as this:

$ch = curl_init("");
curl_setopt($ch, CURLOPT_POSTFIELDS,  "post_password=mypassword&Submit=Submit");  
curl_setopt($ch, CURLOPT_HEADER, 0);  
curl_setopt($ch, CURLOPT_POST, 1);  

Change $_Publish to $_REQUEST everywhere in wordpress-pass.php.

That code is just searching in the Publish variables, not the GET variables within the URL. The REQUEST global consists of both Publish, and also the GET variables, that is what you would like.

There's most likely an easy method, but I'm not sure WordPress.


The issue is individuals parameters have been in the GET array, not the Publish array. So utilizing a regular link to parameters is not likely to work. Use a form having a hidden area. You are able to style the submit button to resemble a link, if you would like.

<form action="" method="post">
<input name="post_password" type="hidden" value="totally insecure password here" />
<input type="submit" name="Submit" value="Click here to enter your account" />

Instead of keep appending in the earlier answer, I'll attempt to explain the issue a little further here.

The way in which Wordpress passwording works, is:

  1. The initial page includes a form, which is distributed to wp-pass.php.
  2. wp-pass.php takes the provided password, puts it inside a cookie and redirects the consumer back ot the original page.
  3. The initial page inspections the cookie and when the password is correct, it can have the page.

The issue here's that search engines like google don't accept snacks. So, you've two options:

  1. Alter the code Wordpress ways to use passworded content to something which also accepts $_GET variables.
  2. Use cURL to transmit the cookie using headers, getting another page search engines like google may use.

I'd like to expand around the latter answer if you would like, however i do question if you are likely to give search engines like google use of passworded content, anybody may have access. Why don't you just take away the password?