this string is displayed when you get a nonce mismatch, something that should not happen much under normal usage. If it does haen enough to make you aware to it then you should investigate the cause. Anyway, no easy filter for that string so you will have to use the translation api to replace it. … Read more
One approach can be to log the time a user is logging in at by using: function user_last_login($user_login, $user) { update_user_meta($user – > ID, ‘last_login’, time()); } add_action(‘wp_login’, ‘user_last_login’, 10, 2); and then checking if the time is passed: add_action(‘get_header’, ‘processOnPageLoad’, 1 ); add_action(‘admin_init’, ‘processOnPageLoad’, 1 ); function processOnPageLoad() { if( is_user_logged_in() && condition_to_check_required_user ) … Read more
Try using wp_redirect($url). See https://developer.wordpress.org/reference/functions/wp_redirect/ . So…something like: // set up the URL to redirect to $redirect_to = ‘https://www.example.com/page’; wp_redirect($redirect_to); exit; Note that exit is required to close out the code. See the docs in the above link.
Try this, It may helpful. function wc_custom_registration_redirect() { wp_logout(); wp_destroy_current_session(); return home_url(“https://wordpress.stackexchange.com/”); } add_action(‘woocommerce_registration_redirect’, ‘wc_custom_registration_redirect’, 99);
|| means OR. Your code will never allow $current_user to proceed because one of the OR conditions will fail. Try using AND && instead: if ( ($current_user->user_login != ‘john’) && ($current_user->user_login != ‘sheila’ ) ) {
Try using wp_loginout(). It automatically handles those conditions.
Add submenu with a custom link, /wp-login?action=logout, like the image below: Add code like below in functions.php: function wpa_remove_menu_item( $items, $menu, $args ) { if ( is_admin() || ! is_user_logged_in() ) return $items; foreach ( $items as $key => $item ) { if ( ‘Login / Register’ == $item->title ) unset( $items[$key] ); if ( … Read more
I made an answer out of this now to give a more detailed write-up to your question. As the botnet is so large and the attack is happening with so much IPs (some providers say they have seen >90.000 different addresses) it makes no sense anymore to start blocking single IPs (using plugins like Limit … Read more
WordPress Multisite logout conflict
The reason you’re not finding anything is because WordPress does not use any form of “sessions”. Login status information is not saved, or retrieved. Logging into WordPress basically sets a cookie in your browser which is a single authentication point. It is the equivalent of a username and password, with encryption and a timeout, all … Read more