wp_ajax_destroy_sessions() WordPress Function
The wp_ajax_destroy_sessions function is used to destroy all sessions for the current user. This function is called when the user logs out of their account.
wp_ajax_destroy_sessions() #
Ajax handler for destroying multiple open sessions for a user.
Source
File: wp-admin/includes/ajax-actions.php
function wp_ajax_destroy_sessions() {
$user = get_userdata( (int) $_POST['user_id'] );
if ( $user ) {
if ( ! current_user_can( 'edit_user', $user->ID ) ) {
$user = false;
} elseif ( ! wp_verify_nonce( $_POST['nonce'], 'update-user_' . $user->ID ) ) {
$user = false;
}
}
if ( ! $user ) {
wp_send_json_error(
array(
'message' => __( 'Could not log out user sessions. Please try again.' ),
)
);
}
$sessions = WP_Session_Tokens::get_instance( $user->ID );
if ( get_current_user_id() === $user->ID ) {
$sessions->destroy_others( wp_get_session_token() );
$message = __( 'You are now logged out everywhere else.' );
} else {
$sessions->destroy_all();
/* translators: %s: User's display name. */
$message = sprintf( __( '%s has been logged out.' ), $user->display_name );
}
wp_send_json_success( array( 'message' => $message ) );
}
Expand full source codeCollapse full source codeView on TracView on GitHub
Changelog
| Version | Description |
|---|---|
| 4.1.0 | Introduced. |