对于开放注册的 WordPress 站点来说,尤其是有会员购买服务的站点,可能需要禁止用户共享账号,也就是要禁止多个人同时登录一个账号。

将下面的代码到主题的 functions.php 中即可:

/**
 * Detect if the current user has concurrent sessions
 *
 * @return bool
 */
function pcl_user_has_concurrent_sessions() {
 return ( is_user_logged_in() && count( wp_get_all_sessions() ) > 1 );
}
 
/**
 * Get the user's current session array
 *
 * @return array
 */
function pcl_get_current_session() {
 $sessions = WP_Session_Tokens::get_instance( get_current_user_id() );
 
 return $sessions->get( wp_get_session_token() );
}
 
/**
 * Only allow one session per user
 *
 * If the current user's session has been taken over by a newer
 * session then we will destroy their session automattically and
 * they will have to login again to continue.
 *
 * @action init
 *
 * @return void
 */
function pcl_disallow_account_sharing() {
 if ( ! pcl_user_has_concurrent_sessions() ) {
 return;
 }
 
 $newest = max( wp_list_pluck( wp_get_all_sessions(), 'login' ) );
 $session = pcl_get_current_session();
 
 if ( $session['login'] === $newest ) {
 wp_destroy_other_sessions();
 } else {
 wp_destroy_current_session();
 }
}
add_action( 'init', 'pcl_disallow_account_sharing' );

直接下载插件 Prevent Concurrent Logins,安装启用可以实现同样的功能。

[ via ]

# # #

分享此文: 微信 新浪微博 QQ
上一篇

夜色难耐

下一篇

WordPress 函数:count_user_posts 获取用户文章数

发表评论

发表评论