admin管理员组

文章数量:1129794

I have two wordpress installations: a single one and a multisite with subdirectories. On both my users can logout with the url:

[URL to]/wp-login.php?action=logout&redirect_to=%2Fmydir%2F&_wpnonce=[some_code]

This works on the single site without confirmation, but on the site within the multisite it doesn't. Here the user needs to confirm the logout.

How can I bypass the confirmation?

Thank you.

I have two wordpress installations: a single one and a multisite with subdirectories. On both my users can logout with the url:

[URL to]/wp-login.php?action=logout&redirect_to=%2Fmydir%2F&_wpnonce=[some_code]

This works on the single site without confirmation, but on the site within the multisite it doesn't. Here the user needs to confirm the logout.

How can I bypass the confirmation?

Thank you.

  • multisite
  • logout
Share Improve this question asked Aug 29, 2019 at 12:15 pehupehu 114 bronze badges 1
  • Have found the best solution and explanation : scratchcode.io/how-to-logout-without-confirmation-in-wordpress – Mayank Dudakiya Commented Dec 20, 2020 at 7:25
Add a comment  | 

2 Answers 2

Reset to default 1

Output the logout link with wc_logout_url() and it will be nonced and have no confirmation. The confirmation is a security measure.

You could also try adding the following to your functions.php or a plugin:

// Logout without confirmation.
function wpse_bypass_logout_confirmation() {
    global $wp;

    if ( isset( $wp->query_vars['customer-logout'] ) ) {
        wp_redirect( str_replace( '&', '&', wp_logout_url( wc_get_page_permalink( 'myaccount' ) ) ) );
        exit;
    }
}
add_action( 'template_redirect', 'wpse_bypass_logout_confirmation' );

The structure of the urls from my Wordpress installations is

/wpone/   # Single site installation
/wptwo/   # Multisite installation with subdirectories
/wptwo/site1/
/wptwo/site2/

and so on. Furthermore, I have a directory 

/site1/

on which I call via .htaccess the content of 

/wptwo/site1/

When a user logs in, Wordpress set 3 cookies: wordpress_test_cookie, wordpress_logged_in and wordpress_sec. wordpress_test_cookie and wordpress_logged_in are valid only for /wptwo/site1/ and not for /site1/. This is checked during the generation of wpnonce. When I call /site1/logout/, it is not the same as /wptwo/site1/logout/. Logout via /wptwo/site1/logout/ works without confirmation.

本文标签: logoutlogging out withwithout confirmationsingle siteMultisite

版权声明:本文标题:logout - logging out withwithout confirmation - single site, multisite 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1736752974a1951134.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。