Ask your WordPress questions! Pay money and get answers fast! Comodo Trusted Site Seal
Official PayPal Seal

Pass wordpress page password in link WordPress


I need to place a button on one of my pages that links to another WordPress page that is password protected. I won't kill you with details, but I have a situation that is making people enter a password twice, and I want to lose the second entry.

So, let's say Page 1 has a link on it like:

<a href="">Register Now</a>

And Page 2 is a password protected WordPress page. Is there a way to pass the password so the page opens up automatically for them?

Answers (2)


Reigel Gallarde answers:

you can do it like this... add this to your functions.php

add_action( 'template_redirect', 'my_template_redirect' );
function my_template_redirect(){
global $post;
if ( isset( $_GET['password'] ) && ( $_GET['password'] == $post->post_password ) )
$post->post_password = '';

then your link should be like this...

<a href="">Register Now</a>

what this do is if the passed password on the link is correct, the post password will be removed in that moment only...
password protected post/page will still work as usual without the password on the link...

Kyler Boudreau comments:

Reigel - love your solution, but it's not pulling the password for me.

I'm placing the password in the functions.php code. Assuming the password was PASSWORD, it would look like this:

add_action( 'template_redirect', 'my_template_redirect' );

function my_template_redirect(){

global $post;

if ( isset( $_GET['password'] ) && ( $_GET['password'] == $post->post_password ) )

$post->post_password = 'PASSWORD';


Reigel Gallarde comments:

no, just copy my code as is... you will change the password on the link... should $post->post_password = '';.. then the link will have the password in my example, "mypassword" ...

copy my code into functions.php... the only thing to change is the password on the link here, "mypassword"
<a href="">Register Now</a>

Kyler Boudreau comments:

gotcha - the problem is that is readable on a 'view source' on the page.

Reigel Gallarde comments:

Where are you putting the link? admin post editor?
we can't do something about the password being visible in the 'view source' if we're adding it as html.. even rempty's answer, password is visible...

my alternative solution is to use shortcode.. so we can use wpnonce instead... something like this..

paste this code on functions.php

add_action( 'template_redirect', 'my_template_redirect' );
function my_template_redirect(){
global $post;
$password = '';
if (isset($_GET['_wpnonce']) && wp_verify_nonce($_GET['_wpnonce'], $post->post_password )) {
$password = $post->post_password;
require_once ABSPATH . WPINC . '/class-phpass.php';
$hasher = new PasswordHash( 8, true );
$expire = apply_filters( 'post_password_expires', time() + 10 * DAY_IN_SECONDS );
$referer = wp_get_referer();
if ( $referer ) {
$secure = ( 'https' === parse_url( $referer, PHP_URL_SCHEME ) );
} else {
$secure = false;
setcookie( 'wp-postpass_' . COOKIEHASH, $hasher->HashPassword( wp_unslash( $password ) ), $expire, COOKIEPATH, COOKIE_DOMAIN, $secure );
wp_safe_redirect( get_permalink( $post->ID ) );

function password_link_shortcode_tag( $atts, $content = "" ) {
$atts = shortcode_atts( array(
'link' => '',
'password' => ''
), $atts);

$link = '';
if ($atts['link']) {
$link = sprintf('<a href="%s">%s</a>',wp_nonce_url( $atts['link'], $atts['password'] ) , $content);

return $link;
add_shortcode( 'password_link', 'password_link_shortcode_tag' );

then on the page where you need to add a link, you can paste this shortcode instead of the link....

[password_link link="" password="test"]Register Now[/password_link]

if you need it on a php file, should be something like this...

do_shortcode('[password_link link="" password="test"]Register Now[/password_link]');

in this shortcode, take note of the link and the password, that's need to change according to your needs... also "Register Now" can be changed...

what this do is it will produce a link like,

where _wpnonce is actually our secret key for the password... this will also expire much like the password itself...

Reigel Gallarde comments:

typo.. forgot to echo....

do_shortcode('[password_link link="" password="test"]Register Now[/password_link]');
should be
echo do_shortcode('[password_link link="" password="test"]Register Now[/password_link]');
if you need it on a php file...

Kyler Boudreau comments:

DUDE!!!!!! Thank you. You're awesome.


Rempty answers:

Maybe replacing the "<a>" with a "<form>" with the password hidden and a button

//here the postid
//The password of the post
$label = 'pwbox-'.( empty( $ppost_id ) ? rand() : $ppost_id );
$o = '<form action="' . esc_url( site_url( 'wp-login.php?action=postpass', 'login_post' ) ) . '" method="post">
<input name="post_password" id="' . $label . '" value="'.$password.'" type="hidden" size="20" maxlength="20" />
<input type="submit" class="password-submit" name="Submit" value="Register Now" />
echo $o;