PPWP Pro Hooks, REST APIs, & Public Functions

Since version 1.3, Password Protect WordPress Pro provides RESTful APIs and public functions to achieve the following:

• Password protect any posts automatically upon publishing
• Generate password bypass URL
• Return password form for protected content
• Change shortcode passwords conditionally
• Check if content is protected
• Remove ?ppwp=1 query string
• Use multiple QAL parameters
• Show password by default
• Hide the “Password Protection” column
• Grant access to the settings page
• Redirect after unlocking PCP content
• Exclude protected content from WP Query
• Remove enclosure
• Show password labels on protected content

PPWP public action & filter hook

Category	Hook	Type	Available on
Individual Protection
	ppwp_qal_single_allowed_page	filter	Pro
	ppwp_single_page_robots_content	filter	Pro
Partial Protection
	ppwp_qal_pcp_allowed_page	filter	Pro
Sitewide Protection
	ppw_custom_header_form_entire_site	action	Free
	ppw_custom_footer_form_entire_site	action	Free
	ppwp_sitewide_head	action	Pro
	ppwp_sitewide_footer	action	Pro
	ppwp_before_show_sidewide_form	action	Pro
	ppwp_sitewide_error_message	filter	Pro
	ppwp_sidewide_robots_content	filter	Pro

Where are sitewide passwords stored?

PPWP Free and Pro store sitewide passwords under wp_options table:

• PPWP Free’s option name is wp_protect_password_set_password_options
• PPWP Pro’s option name is ppw_entire_site_options

With PPWP Suite extension, we migrate sitewide passwords to our own wp_pda_passwords table for extended features management.

Change Shortcode Passwords Conditionally

Use the following hook to filter passwords shortcode attributes when protecting partial content.

add_filter( 'ppw_shortcode_passwords', 'ppw_filter_shortcode_passwords' );
/**
 * Filter PPWP Passwords.
 * 
 * @param array $passwords Array shortcode passwords.
 * 
 * @return array
 */
function ppw_filter_shortcode_passwords( $passwords ) {
	// Filter array passwords.
	return $passwords;
}

Check if content is protected

Use the following code snippet to check if your content is password protected by our plugins. You can get the ID number by hovering over the desired post title.

By PPWP Pro

if ( class_exists( 'PPW_Pro_Password_Services' ) ) {
  $post_id = 15503;
  $password_service = new PPW_Pro_Password_Services();
  $is_protected_content = $password_service->is_protected_content( $post_id );
}

By PPWP Groups

if ( class_exists( 'PPWP_Group_Password_Service' ) ) {
   //1153 is your post ID.
   $group_ids = PPWP_Group_Password_Service::get_instance()->get_group_ids_by_post( 1153 );
   if ( ! empty( $group_ids ) ) {
     // This post is protected by PPWP Group
   }
}

Remove ?ppwp=1 query string

Once users enter the right password, our plugin will add the ?ppwp=1 query string to the page URL for tracking purposes. This doesn’t affect your site whatsoever.

However, if you want to remove the query string for some reason, simply add the following codes to your (child) theme’s functions.php file.

add_filter('ppwp_ppf_redirect_url_before_return_content', function ($url) {
    $url = add_query_arg('ppwp', null);
    return $url;
});

Use multiple QAL parameters

Each type of our quick access links comes with a different access token and you can’t use them all at the same time.

If you want users to be able to access multiple protection layers at once, simply add the following code snippet to your (child) theme’s functions.php file.

add_filter( 'ppwp_shortcode_url', function ( $url ) {
	if ( ! class_exists( 'PPW_Pro_Constants' ) ) {
		return $url;
	}

	$bypass_key = PPW_Pro_Constants::BYPASS_PARAM;
	if ( ! isset( $_GET[ $bypass_key ] ) ) {
		return $url;
	}

	// Do not truncate the ppwp_ac params.
	$query = wp_parse_url( $url, PHP_URL_QUERY );

	$by_pass_val  = $_GET[ PPW_Pro_Constants::BYPASS_PARAM ];
	$bypass_param = "$bypass_key=$by_pass_val";
	if ( $query ) {
		$url .= "&$bypass_param";
	} else {
		$url .= "?$bypass_param";
	}

	return $url;
} );

Show passwords by default

By default, users need to click on the “Show password” checkbox to see what they’re typing. In order for the passwords to always display, simply add the following code snippet to your (child) theme’s functions.php file.

For Single Password Form

add_filter( 'ppwp_customize_password_form', function( $content ) {
  return str_replace( 'type="password"', 'type="text"', $content );
});

For Sitewide Form – Pro version

add_filter( 'ppw_custom_entire_site_login_form', function( $content ) {
  return str_replace( 'type="password"', 'type="text"', $content );
});

Hide the “Password Protection” column

There are 3 ways to hide our “Password Protection” column in the Pages or Posts dashboard.

Option 1: Uncheck that column in the Screen Options.

Option 2: Use the Admin Columns plugin.

Option 3: Add the following custom codes to your (child) theme’s functions.php file.

For PPWP Free version

$post_types = array( 'posts', 'pages' ); 
foreach ( $post_types as $post_type ) { 
    add_filter( "manage_${post_type}_posts_columns", function ( $columns ) { 
	unset( $columns['ppw_password_protection'] ); 
	return $columns; 
    }, 99 ); 
}

For PPWP Pro version

$post_types = array( 
    'posts', 
    'pages', 
    'your-custom-post-type' 
); 
foreach ( $post_types as $post_type ) { 
    add_filter( "manage_${post_type}_columns", function ( $columns ) { 
        unset( $columns['pda_password_protection'] ); 
        return $columns; 
    }, 99 ); 
}

Grant access to PPWP settings page

Requirements:

• Password Protect WordPress Lite version 1.7.5 and greater
• (or/and) Password Protect WordPress Pro version 1.3.6 and greater

By default, only admin users can access PPWP settings page and create master passwords.

To grant access to other users, you need to modify their capabilities by adding  ppwp_manage_options.

Redirect users to a specific page after unlocking PCP content

Requirements:

• Password Protect WordPress Lite version 1.7.8 and greater
• Password Protect WordPress Pro version 1.3.6 and greater

There comes a time when you want your users to be redirected to a specific page after unlocking partial content protection.

To do that, simply add the following custom codes to your (child) theme’s functions.php file or Code Snippets plugin.

Redirect based on passwords

add_filter(
    'ppw_pcp_api_result',
    function ( $result, $password, $post ) {
       if ( ! $result['isValid'] ) {
          return $result;
       }
       $post_id              = $post->ID;
       $redirected_passwords = [
          [
             'password'    => ['123', 'ppwp'], // Add your passwords here
             'redirect_to' => 'https://passwordprotectwp.com', // Add the redirected URL here
             'post_id'     => 316, // Add your post ID here
          ],
         [
             'password'    => ['welcome', 'passwordprotectwp'], // Add your passwords here
             'redirect_to' => 'https://preventdirectaccess.com', // Add the redirected URL here
             'post_id'     => 314, // Add your post ID here
          ],
       ];
       $found_passwords = array_filter(
          $redirected_passwords,
          function ( $redirected_password ) use ( $password, $post_id ) {
            foreach ( $redirected_password['password'] as $key => $value_pass ) {
                if ( $value_pass === $password && $post_id == $redirected_password['post_id'] ) {
                    return true;
                }
            }
          }
       );
       if ( count( $found_passwords ) > 0 ) {
           $found_passwords      = array_values( $found_passwords );
          $found_password        = $found_passwords[0];
          $result['isRedirect']  = true;
          $result['redirect_to'] = $found_password['redirect_to'];
       }
       return $result;
    },
    10,
    3
 );

Redirect based on protected content

add_filter(
    'ppw_pcp_api_result',
    function ( $result, $password, $post ) {
       if ( ! $result['isValid'] ) {
          return $result;
       }
       $post_id              = $post->ID;
       $redirected_passwords = [
          [
             'redirect_to' => 'https://passwordprotectwp.com', // Add the redirected URL here
             'post_id'     => 316, // Add your post ID here
          ],
       ];
       $found_passwords = array_filter(
          $redirected_passwords,
          function ( $redirected_password ) use ( $password, $post_id ) {
                    return $post_id == $redirected_password['post_id'];
                }
       );
       if ( count( $found_passwords ) > 0 ) {
           $found_passwords      = array_values( $found_passwords );
          $found_password        = $found_passwords[0];
          $result['isRedirect']  = true;
          $result['redirect_to'] = $found_password['redirect_to'];
       }
       return $result;
    },
    10,
    3
 );

You can get the post ID by hovering over the desired post title.

Exclude protected content from WP Query

In our PPWP Lite version, all passwords are stored under wp_postmeta table.

The content protection status is defined via wp_postmeta using the “wp_protect_password_multiple_passwords” meta_key.

The following is a sample codes to exclude content protected by our PPWP Lite from WP Query.

'meta_query' => array(
    'relation' => 'OR',
    array(
      'key' => 'wp_protect_password_multiple_passwords',
      'compare' => 'NOT EXISTS',
    ),
    array(
      'key' => 'wp_protect_password_multiple_passwords',
      'value' => 'false',
    )
),

In case of PPWP Pro version, passwords of your protected content are located under wp_pda_passwords table.

The content protection status is defined via wp_postmeta using the “auto-generate-pwd” meta_key.

You can use the following codes to exclude content protected by our PPWP Pro from WP Query.

'meta_query' => array(
    'relation' => 'OR',
    array(
      'key' => 'auto-generate-pwd',
      'compare' => 'NOT EXISTS',
    ),
    array(
      'key' => 'auto-generate-pwd',
     'value' => 'false',
   )
),

Remove enclosure URLs from WordPress feed

Use the following custom codes to remove enclosure URLs from your WordPress feed. You can add the code to your (child) theme’s functions.php file or Code Snippets plugin.

function delete_enclosure() {
   return '';
}
add_filter( 'get_enclosed', 'delete_enclosure' );
add_filter( 'rss_enclosure', 'delete_enclosure' );
add_filter( 'atom_enclosure', 'delete_enclosure' );

Show password labels on protected content

Let’s say you labels as a name of users that passwords belong to. To display username on protected content based on entered passwords, simply follow our step-by-step guide below.

Step 1: Add the following custom codes to your (child) theme’s functions.php file or Code Snippets plugin.

add_shortcode(

   'ppwp_show_password_labels',

   function () {

      if ( ! method_exists( 'PPW_Pro_Repository', 'find_password_by_hash' ) ) 
      {
         return null;
      }

      $post_id    = get_the_ID();

      $cookie_key = PPW_Pro_Constants::GOLD_PASS_COOKIE . $post_id . COOKIEHASH;

      $cookie     = sanitize_text_field( $_COOKIE[ $cookie_key ] );

      $hash       = wp_unslash( $cookie );

      $roles      = ppw_core_get_current_role();

      $pro_repo   = new PPW_Pro_Repository();

      $password   = $pro_repo->find_password_by_hash( $hash, $roles, $post_id );

      if ( ! isset( $password->label ) ) 
      {
         return null;
      }

      return $password->label;

   }

);

Step 2: Use [ppwp_password_labels] shortcode to display password labels on protected pages.