无作为
不仅仅是一种态度!
当前位置: 无作为 » 技术教程 » wordpress技术经验 » WordPress 禁止多人同时登录一个用户账号(代码版)

WordPress 禁止多人同时登录一个用户账号(代码版)

在WordPress的用户管理问题中发现WordPress有一个很头疼的问题,那就是,WordPress居然可以多个人同事登陆一个账号,不知道目前的4.8版本是否还允许,这里也不在测试,直接分享一段代码,实现:WordPress 禁止多人同时登录一个用户账号。

WordPress 禁止多人同时登录一个用户账号

这里推荐的功能插件为:Prevent Concurrent LoginsWp Single Login点击即可直接下载。

如果你不想用插件,这里是代码版,添加到function.php即可:

以下分别为两个插件提取的代码版!

Prevent Concurrent Logins提取:

function pcl_user_has_concurrent_sessions() {
	return ( is_user_logged_in() && count( wp_get_all_sessions() ) > 1 );
}
 
/**
 * Get the user's current session array
 *
 * @return array
 */
function pcl_get_current_session() {
	$sessions = WP_Session_Tokens::get_instance( get_current_user_id() );
 
	return $sessions->get( wp_get_session_token() );
}
 
/**
 * Only allow one session per user
 *
 * If the current user's session has been taken over by a newer
 * session then we will destroy their session automattically and
 * they will have to login again to continue.
 *
 * @action init
 *
 * @return void
 */
function pcl_disallow_account_sharing() {
	if ( ! pcl_user_has_concurrent_sessions() ) {
		return;
	}
 
	$newest  = max( wp_list_pluck( wp_get_all_sessions(), 'login' ) );
	$session = pcl_get_current_session();
 
	if ( $session['login'] === $newest ) {
		wp_destroy_other_sessions();
	} else {
		wp_destroy_current_session();
	}
}
add_action( 'init', 'pcl_disallow_account_sharing' );

Wp Single Login提取:

<?php
/*
Plugin name: WP Single Login
Plugin URI: http://magnigenie.com/wp-single-login/
Description: This plugin will automatically logout the already logged in user when a user with the same login details tries to login from different browser or different computer. This plugin needs zero configuration to run. Just install it if you want single login functionality on your site.
Version: 1.0
Author: Nirmal Ram
Author URI: http://magnigenie.com/about-me/
License: GPLv2 or later
License URI: http://www.gnu.org/licenses/gpl-2.0.html
*/
if( !class_exists( 'wp_single_login' ) ) {
  	class wp_single_login {
		private $session_id; 
 
		function __construct() {
			if ( ! session_id() )
			    session_start();
 
			$this->session_id = session_id();
 
			add_action( 'init', array( $this, 'wpsl_init' ) );
			add_action( 'wp_login', array( $this, 'wpsl_login' ), 10, 2 );
      add_filter('heartbeat_received', array( $this, 'wpsl_heartbeat_received' ), 10, 2);
			add_filter('heartbeat_nopriv_received', array( $this, 'wpsl_heartbeat_received' ), 10, 2);
			add_filter( 'login_message', array( $this, 'wpsl_loggedout_msg' ), 10 );
		}
 
		function wpsl_init() {
			if( ! is_user_logged_in() )
				return;
      //enqueue the Heartbeat API
      wp_enqueue_script('heartbeat');
      wp_enqueue_script('jquery');
 
      //load our Javascript in the footer
      add_action("wp_footer", array( $this, 'wpsl_scripts' ) );
			$user_sess_id = get_user_meta( get_current_user_id(), '_wpsl_hash', true );
 
			if( $user_sess_id != $this->session_id ) {
				wp_logout(); 
				wp_redirect( site_url( 'wp-login.php?wpsl=loggedout' ) );
				exit;
			}
		}
		function wpsl_login( $user_login, $user ) {
			update_user_meta( $user->ID, '_wpsl_hash', $this->session_id );
			return;
		}
		function wpsl_loggedout_msg() {
				if ( isset($_GET['wpsl']) && $_GET['wpsl'] == 'loggedout' ) {
						$msg = __( "Your session has been terminated as you are logged in from another browser." ) ;
						$message = '<p class="message">'.$msg.'</p><br />';
						return $message;
				}
		}
function wpsl_heartbeat_received($response, $data) {
  $user_sess_id = get_user_meta( get_current_user_id(), '_wpsl_hash', true );
	if( $data['user_hash'] && $data['user_hash'] != $user_sess_id ){
		$response['wpsl_response'] = 1;
    wp_logout();
	}
  else
    $response['wpsl_response'] = 0;
 
	return $response;
}
 
function wpsl_scripts() { ?>
<script>
  jQuery(document).ready(function() {
		wp.heartbeat.interval( 'fast' );
		//hook into heartbeat-send: and send the current session id to the server
		jQuery(document).on('heartbeat-send', function(e, data) {
			data['user_hash'] = '<?php echo $this->session_id; ?>';	//need some data to kick off AJAX call
		});
 
		//hook into heartbeat-tick: client looks for a 'server' var in the data array and logs it to console
		jQuery(document).on( 'heartbeat-tick', function( e, data ) {			
			if( data['wpsl_response'] ){
        alert( '<?php _e('Your session has been terminated as you are logged in from another browser.'); ?>' );
				window.location.href='<?php echo site_url( 'wp-login.php?wpsl=loggedout' ); ?> ';
			}
		});
	});		
</script>
<?php
}
	}
	new wp_single_login();
}

 

历史上的今天:

所有免费资源、福利、电影、破解软件未经允许不得转载:www.wuzuowei.net无作为 » WordPress 禁止多人同时登录一个用户账号(代码版)
分享到: 更多 (0)

来句评论吧! 1

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址
  1. #-19

    感谢楼主的分享

    essay代写3个月前 (09-28)回复

无作为-不仅仅是一种态度

登录/注册文章归档