Reputation: 81
how to destroy session and cookies from same server in php?
I have drupal login module which will trigger whenever user login from wordpress site it will be triggered and login to the site but when user logout from drupal it doesnt logout from wordpress. Please check with the below code and guide me solve this problem
function wp_login_user_logout( $account) {
if (isset($_SERVER['HTTP_COOKIE'])) {
$cookies = explode(';', $_SERVER['HTTP_COOKIE']);
foreach($cookies as $cookie) {
$parts = explode('=', $cookie);
$name = trim($parts[0]);
setcookie($name, '', time()-1000);
setcookie($name, '', time()-1000, '/','sitedomain.com');
}
}
}
Upvotes: 1
Views: 1221
Answers (1)
Reputation: 2991
You cant modify cookies of another domain from one domain.
so I suggest you create some kind of api like this.
on WordPress installation...
<?php
// file: wp/api/logout.php
require_once("../wp-load.php");
if(empty($_GET["email"])) {
die('no email given');
}
// get wordpress user_id by email
$email = $_GET["email"];
$user = get_user_by( 'email', $email );
$user_id = $user->ID;
// get all sessions for user with ID $user_id
$sessions = WP_Session_Tokens::get_instance($user_id);
// we have got the sessions, destroy them all!
$sessions->destroy_all();
print("user logged out.");
now if you access url of your wordpress like this(be sure to url encode email id): https://example.com/api/logout.php?email=email%40gmail.com
it will logout user with email id: [email protected]
now you can do curl request from your drupal to this url.
off course this is not very secure (one can logout any user if they have email id)
Upvotes: 1
Related Questions
- How to destroy the session cookie correctly with PHP?
- Deleting session cookies with PHP
- How to delete a Session Cookie
- Delete session cookie
- Can't destroy cookie and session in same time?
- Deleting session after log out
- delete cookie in php
- Destroy all sessions but one
- Delete PHP Cookie?
- PHP: destroy $_COOKIES only but not $_SESSION?