Use wp_logout()
. It calls wp_clear_auth_cookie()
and invalidates the current log-in information immediately.
Sample code, not tested:
add_action( 'init', 'log_out_banned_user' );
function log_out_banned_user() {
if ( ! is_user_logged_in() )
return;
$user = wp_get_current_user();
if ( ! get_user_option( 'rc_banned', $user->ID, false ) )
return;
wp_logout();
wp_redirect( home_url( "https://wordpress.stackexchange.com/" ) );
exit;
}