Hi,
I am developing a WordPress theme to improve myself. I want to add ?user=logout to show a notification in the url so that logged in users stay on the current page if they log out. The code below does this, but I learned that I need to use get\_permalink(); instead of $\_SERVER\[‘HTTP\_REFERER’\] to try security issues. I edited the code as in part 2, but as you can see in the image, it redirects to the standard “you are logging out, are you sure?” page because I am using the feature of WordPress. How can I get rid of this situation?
1- $\_SERVER\[‘HTTP\_REFERER’\]
function logout_redirect_with_param() {
// Get the current page URL
$redirect_url = $_SERVER[‘HTTP_REFERER’];
// Check if the referer is set and not the logout URL
if (isset($redirect_url) && !strpos($redirect_url, ‘logout’)) {
$redirect_url = add_query_arg(‘user’, ‘logout’, $redirect_url); // Add ‘?user=logout’ parameter to current page URL
} else {
$redirect_url = home_url(); // Redirect to home page if referer is not set or logout URL
}
// Redirect to the new URL
wp_redirect($redirect_url);
exit;
}
add_action(‘wp_logout’, ‘logout_redirect_with_param’);
2- get\_permalink();
function logout_redirect_with_param() {
// Get the current page URL
$redirect_url = get_permalink();
// Check if the page URL is not the logout URL
if (strpos($redirect_url, ‘logout’) === false) {
$redirect_url = add_query_arg(‘user’, ‘logout’, $redirect_url); // Add ‘?user=logout’ parameter to current page URL
} else {
$redirect_url = home_url(); // Redirect to home page if current page URL is logout URL
}
// Redirect to the new URL
wp_redirect($redirect_url);
exit;
}
add_action(‘wp_logout’, ‘logout_redirect_with_param’);
Conclusion: [http://localhost:8091/wp-login.php?action=logout&redirect\_to=index.php&\_wpnonce=658a4386c5&user=logout](http://localhost:8091/wp-login.php?action=logout&redirect_to=index.php&_wpnonce=658a4386c5&user=logout)
img
​
[ad_2]