Notify Admin on Session End

Hi reffellm,

There are some hooks available that you could use to achieve something like this, however I would caution that just because someone starts a new session does not necessarily mean they are abusing the system.

For instance, a user could be logged into your site from their computer at work, and then later decide to login from their iPad at home. This plugin will automatically destroy the session from their work computer, so when they arrive back to work the next day they will have to login again, thus destroying their iPad session at home. This is probably a very common use case that does not indicate abuse at all, and tallying the number of times this happens does not really indicate abuse either.

In order to truly track abuse you would need some kind of IP address / GeoIP tracking on the user to see if they are coming from a different country, region, or city. WordPress does log the IP address for each session, but it will not extrapolate geolocation data from them. For that, you would need a 3rd party service of some kind, such as freegeoip.net.

Hi ajia, there is no feature in the plugin for sending emails.

You simply need to use the hooks provided and do some custom development with them 🙂

Here is a basic (untested) example:

/**
 * Email the admin when PCL destroys sessions
 *
 * @action pcl_destroy_other_sessions
 * @action pcl_destroy_current_session
 *
 * @param int $user_id
 */
function ajia_pcl_email_notice( $user_id ) {

	$user = get_userdata( $user_id );

	wp_mail( get_option( 'admin_email' ), "PCL Notice: {$user->user_login}", "{$user->user_login} was logged out after logging in from a different computer." );

}
add_action( 'pcl_destroy_other_sessions', 'ajia_pcl_email_notice' );
add_action( 'pcl_destroy_current_session', 'ajia_pcl_email_notice' );