Wordpress - Password protecting a page

One solution would be to create a custom Page template for Pages that you intend to password protect.

Start by creating your custom Page template, perhaps named template-password-protected.php, and add the Template: file-docblock tag at the top, like so:

<?php
/**
 * Template: Password-Protected
 */
?>

Now, add your basic Page template markup:

<?php
/**
 * Template: Password-Protected
 */
?>

<?php get_header(); ?>

<div id="main">

<?php if (have_posts()) : ?>
    <?php while (have_posts()) : the_post(); ?>

        <div id="map" style="width:100%; height:100%"></div>

    <?php endwhile; ?>
<?php endif; ?>

</div>

<?php get_sidebar(); ?>

<?php get_footer(); ?>

Now, modify it so that default content is output if the page is password-protected:

<?php
/**
 * Template: Password-Protected
 */
?>

<?php get_header(); ?>

<div id="main">

<?php
// Globalize $post
global $post;
// Test for password-protected page
// Returns true if post is password-protected
// and if the password doesn't match cookie
if ( post_password_required( $post ) ) {
    ?>
    <p>
    CUSTOM CONTENT THAT DISPLAYS ONLY WHEN PAGE IS PASSWORD PROTECTED
    GOES HERE
    </p>
    <?php
} else { 
    // Page isn't password-protected
    ?>

<?php if (have_posts()) : ?>
    <?php while (have_posts()) : the_post(); ?>

        <div id="map" style="width:100%; height:100%"></div>

    <?php endwhile; ?>
<?php endif; ?>

<?php } ?>

</div>

<?php get_sidebar(); ?>

<?php get_footer(); ?>

EDIT

Based on this comment:

This doesn't seem to work, my page is loading up as normal whether I'm logged in or not.

I suspect that rather than password-protecting Pages, you actually want Pages to be visible only to logged-in users? (Note: these two concepts are entirely separate things in WordPress.)

So, running with that assumption, you would want to use is_user_logged_in(), rather than post_password_required().

Here's a sample custom Page template based on is_user_logged_in():

<?php
/**
 * Template: Login-Required
 */
?>

<?php get_header(); ?>

<div id="main">

<?php
// Globalize $post
global $post;
// Test for password-protected page
// Returns true if post is password-protected
// and if the password doesn't match cookie
if ( ! is_user_logged_in() ) {
    ?>
    <p>
    CUSTOM CONTENT THAT DISPLAYS ONLY WHEN USER IS NOT LOGGED IN
    GOES HERE
    </p>
    <?php
} else { 
    // Page isn't password-protected
    ?>

<?php if (have_posts()) : ?>
    <?php while (have_posts()) : the_post(); ?>

        <div id="map" style="width:100%; height:100%"></div>

    <?php endwhile; ?>
<?php endif; ?>

<?php } ?>

</div>

<?php get_sidebar(); ?>

<?php get_footer(); ?>

To summarize:

  1. Password Protected Post/Page

    Apply a per-post/page password that users must enter in order to view the post/page content. This password is set in the post-edit screen, and uses the UI provided on that screen to set the post as password-protected. Post/page content inside the Loop is automatically protected based on this per-post setting.

    From the Codex:

    Password Protect This Post

    To password protect a post, click Edit next to Visibility in the Publish area to the top right, then click Password Protected, click Ok, and enter a password. Then click OK. Note - Editor and Admin users can see password protected or private posts in the edit view without knowing the password.

  2. Login Protected Post/Page

    Completely separate from password-protecting a post/page. Requires wrapping content in a is_user_logged_in() conditional, and does not use or require a per-post password.

EDIT 2

Looking at your code, I have to ask: do you intend to display this map on password-protected pages? Because that's what your code is instructing:

<?php
global $post;
if ( post_password_required( $post ) ) {
?>

<?php $fields = get_acf(); ?>

<script type="text/javascript"> 
(function() { 

window.onload = function() { 

...

}}
) 
</script> 
<div id="map"></div>

This markup is saying: if the post password is required, display this javascript map.

I'm guessing that's the opposite of what you want?

Try this instead:

<?php
/**
 * @package WordPress
 * @subpackage Default_Theme
 * Template Name: Page
 */

get_header(); ?>

<?php
global $post;
if ( post_password_required( $post ) ) {
?>
<p>THIS POST IS PASSWORD PROTECTED. PLEASE ENTER THE PASSWORD TO VIEW THIS POST.</p>

<?php 
} else { 
// No password required, or password has been entered
?>


<?php $fields = get_acf(); ?>

<script type="text/javascript"> 
(function() { 

window.onload = function() { 

...

}}
) 
</script> 
<div id="map"></div>



    <?php if (have_posts()) : ?>
        <?php while (have_posts()) : the_post(); ?>

        <?php endwhile; ?>
    <?php endif; ?>

       <? 
} // Page isn't password-protected
?>
<?php get_footer(); ?>

Also: I would name your custom template something other than "Page"

EDIT 3

Re: this comment:

where would I enter a password to see the content?

You'll need to add a call to get_the_password_form() inside the post_password_required() output. Here's an example:

<?php
/**
 * @package WordPress
 * @subpackage Default_Theme
 * Template Name: Page
 */

get_header(); ?>

<?php
global $post;
if ( post_password_required( $post ) ) {
?>
<p>THIS POST IS PASSWORD PROTECTED. PLEASE ENTER THE PASSWORD TO VIEW THIS POST.</p>

<?php echo get_the_password_form(); ?>

<?php 
} else { 
// No password required, or password has been entered
?>


<?php $fields = get_acf(); ?>

<script type="text/javascript"> 
(function() { 

window.onload = function() { 

...

}}
) 
</script> 
<div id="map"></div>



    <?php if (have_posts()) : ?>
        <?php while (have_posts()) : the_post(); ?>

        <?php endwhile; ?>
    <?php endif; ?>

       <? 
} // Page isn't password-protected
?>
<?php get_footer(); ?>

Now, the password form should appear.


Use the following function within the loop to check if the user is allowed to see the custom content you want to hide:

global $post;
if ( ! post_password_required( $post ) ) {
    // protected content
} else {
    echo get_the_password_form();
}

The password protection and password form only show up when the_content() or the_excerpt() are called unless you use the above approach.

Tags:

Password