Fix password-protected page template

[thebaer]

A typo in the password-protected.tmpl template would previously cause the page to fail. This fixes that.

It also updates the "silenced" alert text in edit-meta.tmpl.

Resolves #221.

[thebaer]

Also noticed an issue with password-protected blogs for suspended accounts not returning a 404 right away. Fixed that in 6f6204a.

This is ready for review now.

[ghost]

everything is working as described except another issue:

If the user with the protected blog is silenced, and another user who has entered the password visits the page of a post, not the blog root, the post is still displayed but with the 'you are silenced' banner.

I tested out a small fix to check for suspended collection owners on protected collection posts:

diff --git a/posts.go b/posts.go
index 9440ad8..1167c71 100644
--- a/posts.go
+++ b/posts.go
@@ -1342,6 +1342,9 @@ func viewCollectionPost(app *App, w http.ResponseWriter, r *http.Request) error
        if c.IsPrivate() && (u == nil || u.ID != c.OwnerID) {
                return ErrPostNotFound
        }
+       if c.IsProtected() && (u == nil || u.ID != c.OwnerID) && suspended {
+               return ErrPostNotFound
+       }
        if c.IsProtected() && ((u == nil || u.ID != c.OwnerID) && !isAuthorizedForCollection(app, c.Alias, r)) {
                return impart.HTTPError{http.StatusFound, c.CanonicalURL() + "/?g=" + slug}
        }

I can push that up if you like.

[thebaer]

Good catch. Yeah, feel free to push that -- though maybe combine the logic? e.g.

if c.IsProtected() && (u == nil || u.ID != c.OwnerID) {
  if suspended {
    return ErrPostNotFound
  } else if !isAuthorizedForCollection(app, c.Alias, r) {
    ...

[ghost]

with fix for previous authorized users this is good now.

tested logged in user, owner and logged out users for both protected collection and protected collection post with and without the owner silenced

[thebaer]

Great, confirmed this is working. Merging now, thanks!