Automatically logout user when changing password or email

This support ticket is created 5 years, 8 months ago. There's a good chance that you are reading advice that it now obsolete.

This is the technical support forum for Toolset - a suite of plugins for developing WordPress sites without writing PHP.

Everyone can read this forum, but only Toolset clients can post in it. Toolset support works 6 days per week, 19 hours per day.

Sun	Mon	Tue	Wed	Thu	Fri	Sat
-	9:00 – 13:00	9:00 – 13:00	9:00 – 13:00	9:00 – 13:00	9:00 – 13:00	-
-	14:00 – 18:00	14:00 – 18:00	14:00 – 18:00	14:00 – 18:00	14:00 – 18:00	-

Supporter timezone: Asia/Karachi (GMT+05:00)

Tagged: Content-submission forms, Toolset Forms

This topic contains 2 replies, has 2 voices.

Last updated by FelipeP5703 5 years, 8 months ago.

Assisted by: Waqar.

Author

Posts

April 23, 2019 at 3:50 pm #1234567

FelipeP5703

Tell us what you are trying to do?
After the user changes his/her password or email, it should automatically log him/her off for security purpose.

Is there any documentation that you are following?
I read and re-read this article but it does not mention such thing: https://toolset.com/documentation/user-guides/building-the-my-account-page/

Is there a similar example that we can see?
Every registration site out there... facebook, google+, etc...

What is the link to your site?
hidden link

April 24, 2019 at 12:44 pm #1234985

Waqar

Hi Felipe,

Thanks for asking! I'd be happy to help.

The way user login status works, if the email or the password is updated for a user (either through the admin area or the front-end Toolset Form), he/she will be automatically logged-out from all other browsers.
( note: the browser which was used for the profile update, will still hold the logged-in status and won't log out )

If you'd like to also force log out the user from the same browser as well, this will require some custom code, to change the WordPress' default functionality.

For specialized assistance around WordPress' default features and customization, you can post your question to the dedicated forums, such as:

https://wordpress.org/support/forums/
https://wordpress.stackexchange.com/

regards,
Waqar

April 24, 2019 at 7:28 pm #1235277

FelipeP5703

This is for anyone who is looking for the same thing as me. I used this code below in the Edit Form where it says to display a message after the submit button:

<meta http-equiv="refresh" content="0; URL='YOUR_URL/wp-login.php?action=logout&redirect_to=ANOTHER_URL'" />

Make sure you change YOUR_URL with your website's url and ANOTHER_URL to where you want to redirect the user.

AND I used this code below in the function.php file (best to use a child theme) in order to skip the confirmation message that comes after you logout.

//Logout without confirmation
add_action('check_admin_referer', 'logout_without_confirm', 10, 2);
function logout_without_confirm($action, $result)
{
    /**
     * Allow logout without confirmation
     */
    if ($action == "log-out" && !isset($_GET['_wpnonce'])) {
        $redirect_to = isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : '';
        $location = str_replace('&', '&', wp_logout_url($redirect_to));;
        header("Location: $location");
        die;
    }
}

My issue is resolved now. Thank you!