对于开放注册的 WordPress 站点来说,尤其是有会员购买服务的站点,可能需要禁止用户共享账号,也就是要禁止多个人同时登录一个账号。今天分享老外的一个方法,大家不妨试试。
将下面的代码到主题的 functions.php 中即可:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 |
/** * Detect if the current user has concurrent sessions * * @return bool */ function pcl_user_has_concurrent_sessions() { return ( is_user_logged_in() && count( wp_get_all_sessions() ) > 1 ); } /** * Get the user's current session array * * @return array */ function pcl_get_current_session() { $sessions = WP_Session_Tokens::get_instance( get_current_user_id() ); return $sessions->get( wp_get_session_token() ); } /** * Only allow one session per user * * If the current user's session has been taken over by a newer * session then we will destroy their session automattically and * they will have to login again to continue. * * @action init * * @return void */ function pcl_disallow_account_sharing() { if ( ! pcl_user_has_concurrent_sessions() ) { return; } $newest = max( wp_list_pluck( wp_get_all_sessions(), 'login' ) ); $session = pcl_get_current_session(); if ( $session['login'] === $newest ) { wp_destroy_other_sessions(); } else { wp_destroy_current_session(); } } add_action( 'init', 'pcl_disallow_account_sharing' ); |
/**
* Detect if the current user has concurrent sessions
*
* @return bool
*/
function pcl_user_has_concurrent_sessions() {
return ( is_user_logged_in() && count( wp_get_all_sessions() ) > 1 );
} /**
* Get the user’s current session array
*
* @return array
*/
function pcl_get_current_session() {
$sessions = WP_Session_Tokens::get_instance( get_current_user_id() ); return $sessions->get( wp_get_session_token() );
} /**
* Only allow one session per user
*
* If the current user’s session has been taken over by a newer
* session then we will destroy their session automattically and
* they will have to login again to continue.
*
* @action init
*
* @return void
*/
function pcl_disallow_account_sharing() {
if ( ! pcl_user_has_concurrent_sessions() ) {
return;
} $newest = max( wp_list_pluck( wp_get_all_sessions(), ‘login’ ) );
$session = pcl_get_current_session(); if ( $session[‘login’] === $newest ) {
wp_destroy_other_sessions();
} else {
wp_destroy_current_session();
}
}
add_action( ‘init’, ‘pcl_disallow_account_sharing’ );
如果大家不想折腾代码,可以直接下载插件 Prevent Concurrent Logins 安装启用也是一样的。
RSS