wp_logout() calls clear_auth_cookie(), which expires all authorization cookies set. It doesn’t change the value of the global $current_user variable. So technically you’re still logged in for the duration of the script. If you’re using wp_logout in your own code, its probably best to exit or wp_redirect immediately afterwards. You can call wp_set_current_user(0) after wp_logout() to … Read more
You also need to define a matching COOKIEHASH for both sites – a random 32 bit string will do. By default, COOKIEHASH is an MD5 hash of the site URL, and is used to generate the default names for all authentication-related cookies. Hence why, at the moment, your cross-domain login isn’t working (the names of … Read more
That button sends an AJAX request that runs wp_ajax_destroy_sessions(). It’s not really abstracted in such a way that you can re-use it outside of AJAX, but if you copy the source into your own function, minus the JSON parts, then you could perform the same action yourself. The key part is this bit, which will … Read more
If you want to redirect to the page you’re currently on use: wp_logout_url( $_SERVER[‘REQUEST_URI’] ); or wp_logout_url( get_permalink() ); Or if you want to redirect to another site use the allowed_redirect_hosts function.
Try setting $experation to a negative integer: function myplugin_cookie_expiration( $expiration, $user_id, $remember ) { return $remember ? $expiration : -600; } add_filter( ‘auth_cookie_expiration’, ‘myplugin_cookie_expiration’, 99, 3 ); From the w3schools PHP page on cookies: <?php // set the expiration date to one hour ago setcookie(“user”, “”, time()-3600); ?>
This really does belong in a plugin, but you can just as easily drop it in your theme’s functions.php function default_login_redirect( $redirect, $request_redirect ) { if ( $request_redirect === ” ) $redirect = home_url(); return $redirect; } add_filter( ‘login_redirect’, ‘default_login_redirect’, 10, 2 );
Replacing just the URL is not enough. You have to tell WordPress what to do with the new URL. Sample code, creates a log-out URL like example.com/logout=1 and redirects to front page or custom URL after logging the user out: add_filter( ‘logout_url’, ‘t5_custom_logout_url’, 10, 2 ); add_action( ‘wp_loaded’, ‘t5_custom_logout_action’ ); /** * Replace default log-out … Read more
This happens because of a missing nonce parameter in the URL. Every WordPress action, including login/logout, validates the nonce first, to make sure the request comes from a known source.
Using this code in the functions.php does the trick: function wpse_44020_logout_redirect( $logouturl, $redir ) { return $logouturl . ‘&redirect_to=’ . get_permalink(); } add_filter( ‘logout_url’, ‘wpse_44020_logout_redirect’, 10, 2 ); Note – The above code works only on non-admin pages. To make this work on any page you should replace: return $logouturl . ‘&redirect_to=’ . get_permalink(); With: … Read more
If you are changing the password for the current logged-in user, it will log you out. You have to log in again: // Get current logged-in user. $user = wp_get_current_user(); // Change password. wp_set_password($new_password, $user->ID); // Log-in again. wp_set_auth_cookie($user->ID); wp_set_current_user($user->ID); do_action(‘wp_login’, $user->user_login, $user); Note that since you are setting a new log-in cookie (i.e. changing … Read more