Skip to content

Instantly share code, notes, and snippets.

@lukecav
Last active April 3, 2024 23:20
Show Gist options
  • Save lukecav/9e7775cbe3172ef32b5191f5b56d64fb to your computer and use it in GitHub Desktop.
Save lukecav/9e7775cbe3172ef32b5191f5b56d64fb to your computer and use it in GitHub Desktop.
Logout of WordPress without confirmation message
function getLogoutUrl($redirectUrl = ''){
if(!$redirectUrl) $redirectUrl = site_url();
$return = str_replace("&", '&', wp_logout_url($redirectUrl));
return $return;
}
/**
* Bypass logout confirmation on nonce verification failure
*/
function logout_without_confirmation($action, $result){
if(!$result && ($action == 'log-out')){
wp_safe_redirect(getLogoutUrl());
exit();
}
}
add_action( 'check_admin_referer', 'logout_without_confirmation', 1, 2);
@grove86prakash
Copy link

Below code worked fine for me

/**
 * Generates custom logout URL
 */
function getLogoutUrl($redirectUrl = ''){
    if(!$redirectUrl) $redirectUrl = site_url();
    $return = str_replace("&", '&', wp_logout_url($redirectUrl));
    return $return;
}

/**
 * Bypass logout confirmation on nonce verification failure
 */
function logout_without_confirmation($action, $result){
    if(!$result && ($action == 'log-out')){ 
        wp_safe_redirect(getLogoutUrl()); 
        exit(); 
    }
}
add_action( 'check_admin_referer', 'logout_without_confirmation', 1, 2);

@acornavi
Copy link

Below code worked fine for me

/**
 * Generates custom logout URL
 */
function getLogoutUrl($redirectUrl = ''){
    if(!$redirectUrl) $redirectUrl = site_url();
    $return = str_replace("&", '&', wp_logout_url($redirectUrl));
    return $return;
}

/**
 * Bypass logout confirmation on nonce verification failure
 */
function logout_without_confirmation($action, $result){
    if(!$result && ($action == 'log-out')){ 
        wp_safe_redirect(getLogoutUrl()); 
        exit(); 
    }
}
add_action( 'check_admin_referer', 'logout_without_confirmation', 1, 2);

I tried and it worked. Is this method safe?

@acornavi
Copy link

Can you update this code? It is not redirecting to the desired page.

add_action('check_admin_referer', 'logout_without_confirm', 10, 2);
function logout_without_confirm($action, $result)
{
/**
* Allow logout without confirmation
*/
if ($action == "log-out" && !isset($_GET['_wpnonce'])) {
$redirect_to = isset($_REQUEST['redirect_to']) ? $_REQUEST['redirect_to'] : 'url-you-want-to-redirect';
$location = str_replace('&', '&', wp_logout_url($redirect_to));
header("Location: $location");
die;
}
}

There was the missing part. I found this HERE.

@acornavi
Copy link

Here is a nice article about vulnerability of the wpnonce. Hope it wil give more insights.

@ebolamerican
Copy link

Below code worked fine for me

/**
 * Generates custom logout URL
 */
function getLogoutUrl($redirectUrl = ''){
    if(!$redirectUrl) $redirectUrl = site_url();
    $return = str_replace("&", '&', wp_logout_url($redirectUrl));
    return $return;
}

/**
 * Bypass logout confirmation on nonce verification failure
 */
function logout_without_confirmation($action, $result){
    if(!$result && ($action == 'log-out')){ 
        wp_safe_redirect(getLogoutUrl()); 
        exit(); 
    }
}
add_action( 'check_admin_referer', 'logout_without_confirmation', 1, 2);

This was VERY helpful, thanks!

@tuananhcwrs
Copy link

This works like a charm.
Thanks!

@kaelhoel
Copy link

kaelhoel commented Apr 29, 2021

What do you have to edit in the code to make it work? Can someone please explain it.

@mdrashedbinkuddus
Copy link

What do you have to edit in the code to make it work? Can someone please explain it.

Just go to your Appearance >> Theme editor >> Function.php file. And End of that file simply paste the above code

@lukecav
Copy link
Author

lukecav commented Aug 30, 2021

You can add the code into the functions.php file of the child theme, use a plugin like Code Snippets or add the code into a site-specific plugin.

https://wordpress.org/plugins/code-snippets/

@Alok-S-Sharma
Copy link

Hi Luke,

The code is very much working for me, except that it is not detecting the redirect_to URL as mentioned in the Logout URL, for e.g., /wp-login.php?action=logout&redirect_to=/login/

No matter whatever value I provide in redirect_to, I am always redirected to the homepage.

Can you please sort it out?

Thanks in advance.

@MarceloGlez
Copy link

Perfect for me! (youpage.com/wp-login.php?action=logout)

/**

  • Generates custom logout URL
    */
    function getLogoutUrl($redirectUrl = ''){
    if(!$redirectUrl) $redirectUrl = site_url();
    $return = str_replace("&", '&', wp_logout_url($redirectUrl));
    return $return;
    }

/**

  • Bypass logout confirmation on nonce verification failure
    */
    function logout_without_confirmation($action, $result){
    if(!$result && ($action == 'log-out')){
    wp_safe_redirect(getLogoutUrl());
    exit();
    }
    }
    add_action( 'check_admin_referer', 'logout_without_confirmation', 1, 2);

@bradthebluefish
Copy link

Below code worked fine for me

/**
 * Generates custom logout URL
 */
function getLogoutUrl($redirectUrl = ''){
    if(!$redirectUrl) $redirectUrl = site_url();
    $return = str_replace("&", '&', wp_logout_url($redirectUrl));
    return $return;
}

/**
 * Bypass logout confirmation on nonce verification failure
 */
function logout_without_confirmation($action, $result){
    if(!$result && ($action == 'log-out')){ 
        wp_safe_redirect(getLogoutUrl()); 
        exit(); 
    }
}
add_action( 'check_admin_referer', 'logout_without_confirmation', 1, 2);

Tried this yesterday. Worked for me. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment