[section label=”简介” anchor=”jj”]
对于WordPress有会员购买服务的站点来说,可能需要禁止用户共享账号,也就是要禁止多个人同时登录一个账号,今天SSS分享一个方法。

[section label=”functions” anchor=”functions”]
将下面的代码到主题的 functions.php 中即可:

* Detect if the current user has concurrent sessions
*
* @return bool
*/
function pcl_user_has_concurrent_sessions() {
return ( is_user_logged_in() && count( wp_get_all_sessions() ) > 1 );
}

/**
* Get the user's current session array
*
* @return array
*/
function pcl_get_current_session() {
$sessions = WP_Session_Tokens::get_instance( get_current_user_id() );

return $sessions->get( wp_get_session_token() );
}

/**
* Only allow one session per user
*
* If the current user's session has been taken over by a newer
* session then we will destroy their session automattically and
* they will have to login again to continue.
*
* @action init
*
* @return void
*/
function pcl_disallow_account_sharing() {
if ( ! pcl_user_has_concurrent_sessions() ) {
return;
}

$newest = max( wp_list_pluck( wp_get_all_sessions(), 'login' ) );
$session = pcl_get_current_session();

if ( $session['login'] === $newest ) {
wp_destroy_other_sessions();
} else {
wp_destroy_current_session();
}
}
add_action( 'init', 'pcl_disallow_account_sharing' );