BuddyDev

Search

[Resolved] Clear cookies on logout

  • Participant
    Level: Guru
    Posts: 900
    Tosin on #45240

    Hello,

    Please can you take a look at this code. Is it safe to use without any negative effects with buddypress

     add_action('wp_logout', function () {
      array_map(function ($k) {
        setcookie($k, FALSE, time()-YEAR_IN_SECONDS, '', COOKIE_DOMAIN);
      }, array_keys($_COOKIE));
    }, 99999);
     
  • Keymaster
    (BuddyDev Team)
    Posts: 24642
    Brajesh Singh on #45247

    Hi Tosin,
    I am not seeing any issue with BuddyPress.

    Though I am not sure of the purpose of the code. WordPress already removes any auth related cookies on logout.

    The above will remove any other cookie(preference etc if saved).

    Regards
    Brajesh

  • Participant
    Level: Guru
    Posts: 900
    Tosin on #45253

    I am only looking at security and privacy benefits, because if there are vulnerabilities in WordPress or in your browser, or if someone has access to your computer or device, they may be able to access these cookies.

    Likewise, when a user logs out of your site using a public or shared computer, there won’t be any domain cookies left behind.

    The code gives you back the “regular user view” of your site, because after you log out you can browse your site as an anonymous user, without having to manually clear cookies in your browser. (There are some plugins that will display different content or show cached or uncached versions of pages if they see that WordPress cookies have been set.)

  • Keymaster
    (BuddyDev Team)
    Posts: 24642
    Brajesh Singh on #45258

    Hi Tosin,
    Thank you for the explanation.

    It is always good to know about the reasons driving a decision.

    Regards
    Brajesh

You must be logged in to reply to this topic.

This topic is: resolved