WordPress.org

Make WordPress Core

Opened 3 years ago

Last modified 2 weeks ago

#35488 reviewing defect (bug)

wp_logout() not working as it should

Reported by: sebastian.pisula Owned by: SergeyBiryukov
Milestone: 5.3 Priority: normal
Severity: normal Version:
Component: Users Keywords:
Focuses: Cc:

Description

I have test:

<?php

include 'wp-load.php';

echo 'content for guest<br />';

if ( is_user_logged_in() ) {
        echo 'content for user logged in<br />';
} else {
        echo 'content for user logged in - go to login form<br />';
}

wp_logout();

echo 'content for guest<br />';

if ( is_user_logged_in() ) {
        echo 'content for user logged in';
} else {
        echo 'content for user logged in - go to login form<br />';
}

Output should be:

content for user logged in
content for user logged in - go to login form

but output is:

content for user logged in
content for user logged in

I think that this is bug.

Attachments (1)

35488.patch (506 bytes) - added by sebastian.pisula 3 years ago.

Download all attachments as: .zip

Change History (6)

#1 follow-up: @ocean90
3 years ago

It's actually the same behaviour as with wp_signon(), see #28116.

#2 in reply to: ↑ 1 @sebastian.pisula
3 years ago

Replying to ocean90:

It's actually the same behaviour as with wp_signon(), see #28116.

this is bug ? :)

#3 @johnbillion
3 years ago

Note that logging a user out after output has started is not possible because cookies cannot be set after the headers have been sent.

#5 @roytanck
5 months ago

  • Status changed from new to reopened

Bumped into this in a project today, and have taken the liberty of reopening the ticket.

I'm writing a plugin that automatically logs a user out after a certain period of inactivity. To do this, I'm hooking into "admin_init", and if the user has been inactive for x minutes, I call wp_logout(). For this to work properly, all code running after "admin_init" should run as if the user is not logged in. Among other things, this will trigger the login modal in wp-admin.

Considering that I just explicitly logged out the user, is_user_logged_in() especially should return false. Other functions that are affected are get_current_user() and wp_auth_check().

Sebastian.pisula's patch works flawlessly for me on 5.0.3. It makes wp_logout() do what the function's name and description suggest.

Please consider accepting this patch.

#6 @SergeyBiryukov
3 months ago

  • Milestone set to 5.3
  • Owner set to SergeyBiryukov
  • Status changed from reopened to reviewing
Note: See TracTickets for help on using tickets.