I’ve had a look at WordPress’ core code and couldn’t find anything really useful to add a filter on the post password.
You could use the filter wp_insert_post_empty_content, it is used to check whether the required fields of the post are set or not (e.g.: title).
Here is an example on how it could be used:
function myfunc_password_policy( $maybe_empty, $postarr ) {
$result = $maybe_empty;
// is the value of the field $postarr['post_password'] complicated enough?
// ...
return $result;
}
add_filter( 'wp_insert_post_empty_content', 'myfunc_password_policy', 9999, 2);
The problem is that there will be no relevant error message displayed in the admin if the password is refused.
Another way might be to use Javascript to hook the click event on the publish/update button and send an ajax request with the value of the password field:
function myfunc_check_password_policy(){
global $post;
if('post' === $post->post_type){
echo "
<script>
jQuery(document).ready(function($){
//Click handler - you might have to bind this click event another way
$('input#publish, input#save-post').on('click', function(){
var password_value = $('#post_password').val();
var ajax_url="" . admin_url( "admin-ajax.php' ) . "';
// send an ajax request to check if the password
$.ajax(
ajax_url,
{
action:'check_protected_post_password',
// ...
}
);
});
});
</script>";
}
}
add_action('admin_head-post.php', 'myfunc_check_password_policy');
add_action('admin_head-post-new.php', 'myfunc_check_password_policy');
The code samples haven’t been tested and obviously need some improvement but you should get the idea.
These are the possibilities I could think of to solve your problem. Good luck 🙂