WordPress.org
Get WordPress
WordPress.org

WordPress Developer Resources

wp_clear_auth_cookie()

wp_clear_auth_cookie()

In this article

Back to top

Removes all of the cookies associated with authentication.

More Information

This function can be replaced via plugins. If plugins do not redefine these functions, then this will be used instead.

Source

function wp_clear_auth_cookie() {
	/**
	 * Fires just before the authentication cookies are cleared.
	 *
	 * @since 2.7.0
	 */
	do_action( 'clear_auth_cookie' );

	/** This filter is documented in wp-includes/pluggable.php */
	if ( ! apply_filters( 'send_auth_cookies', true, 0, 0, 0, '', '' ) ) {
		return;
	}

	// Auth cookies.
	setcookie( AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, ADMIN_COOKIE_PATH, COOKIE_DOMAIN );
	setcookie( SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, ADMIN_COOKIE_PATH, COOKIE_DOMAIN );
	setcookie( AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN );
	setcookie( SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, PLUGINS_COOKIE_PATH, COOKIE_DOMAIN );
	setcookie( LOGGED_IN_COOKIE, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN );
	setcookie( LOGGED_IN_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN );

	// Settings cookies.
	setcookie( 'wp-settings-' . get_current_user_id(), ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH );
	setcookie( 'wp-settings-time-' . get_current_user_id(), ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH );

	// Old cookies.
	setcookie( AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN );
	setcookie( AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN );
	setcookie( SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN );
	setcookie( SECURE_AUTH_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN );

	// Even older cookies.
	setcookie( USER_COOKIE, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN );
	setcookie( PASS_COOKIE, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN );
	setcookie( USER_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN );
	setcookie( PASS_COOKIE, ' ', time() - YEAR_IN_SECONDS, SITECOOKIEPATH, COOKIE_DOMAIN );

	// Post password cookie.
	setcookie( 'wp-postpass_' . COOKIEHASH, ' ', time() - YEAR_IN_SECONDS, COOKIEPATH, COOKIE_DOMAIN );
}

View all references View on Trac View on GitHub

Hooks

do_action( ‘clear_auth_cookie’ )

Fires just before the authentication cookies are cleared.

apply_filters( ‘send_auth_cookies’, bool $send, int $expire, int $expiration, int $user_id, string $scheme, string $token )

Allows preventing auth cookies from actually being sent to the client.

UsesDescription
do_action()wp-includes/plugin.php

Calls the callback functions that have been added to an action hook.

apply_filters()wp-includes/plugin.php

Calls the callback functions that have been added to a filter hook.

get_current_user_id()wp-includes/user.php

Gets the current user’s ID.

Show 1 moreShow less
Used byDescription
wp_logout()wp-includes/pluggable.php

Logs the current user out.

wp_update_user()wp-includes/user.php

Updates a user in the database.

wp_clearcookie()wp-includes/pluggable-deprecated.php

Clears the authentication cookie, logging the user out. This function is deprecated.

Changelog

VersionDescription
2.5.0Introduced.

User Contributed Notes

You must log in before being able to contribute a note or feedback.