in the wordpress functions.php page, I enabled Session variables like this:

session_start();
$_SESSION['usuarioId'] = $user_ID;;
$_SESSION['usuarioNome'] = $user_identity;
$_SESSION['email'] = $user_email;
$_SESSION['login'] = $user_login;
function register_my_session(){
    if(! session_id()) {
        session_start();
    }
}

When logging out with the wordpress logout function, I don't destroy the sessions of the pages where I use them. I no longer have access to the wp-admin page, because I logged out, but on the pages where I have these sessions, the pages still have access.

I have this problem, I need to create a function to log out of the sit

Can you help?

CodePudding user response：

Maybe try:

function wp_destroy_current_session() {
    $token = wp_get_session_token();
    if ( $token ) {
        $manager = WP_Session_Tokens::get_instance( get_current_user_id() );
        $manager->destroy( $token );
    }
}

Source: wp_destroy_current_session()

CodePudding user response：

You probably want to use the wp_logout. Per the documentation:

Fires after a user is logged out.

add_action(
    'wp_logout',
    function() {

        // Destroy PHP's relation to the session
        session_destroy();

        // Unset the global session variable, just in case they are used elsewhere
        $_SESSION = [];
    }
);

If you are using a theme, this code can be placed in functions.php, or anything that that file includes.

Make sure to read the documentation on session_destroy to understand that it might not behave exactly as you expect, depending on when you call it.