Support » Fixing WordPress » Can’t log out

  • Hi,

    Set up blog. Added another user as Administrator and tested to see if that user was set up OK.

    Everything seems fine – except I can’t log out! If I close the window down and go for the login panle it just takes me straight to the dashboard.

    There are no error messages. It is trying to do the logout but just returns to the dashboard, logged in.

    Can anyone help.

    Many thanks.

Viewing 13 replies - 1 through 13 (of 13 total)
  • Jeremy Clark



    Look in the top right of the dashboard for a link called sign out. I bet you can imagine what that does 🙂

    Ummm. Not to be funny, but that’s the thing I’m talking about. Clicking on sign out does precisely nothing. I’m still logged in. No errors, just a refresh of the dashboard.

    Closing down the window and going back to the login screen – takes me, not to the login screen, but directly into the dashboard. I realise that’s the cookie, but it obviously isn’t logging me out at all. So I cleared all cokkies. Went to the login screen. Logged in again and, lo and behold, cannot logout again.

    Very strange. Now of my other wordpress sites have ever had this problem. And I have been onto others today, logging in and out normally. This site has just been moved to a new host and I guess it will be a setting somewhere. But I haven’t a clue where to look.

    Jeremy Clark



    Something with the new host not processing cookies right. Have a talk with them.

    I have exact the same problem – ‘sign out’ link does not log me out and redirects to dashboard. Same version of WP – 2.1.2

    I have set it up on 2 separate websites – different hosts (one Windows/IIS, the other Linux/apache) and experienced the problem on both setups so it is not likely to be hosting related.

    I do not know steps to reproduce this bug – all I know is right now I am ‘locked in’ in my Firefox browser but I tested my IE6 browser and logout is working ok at the moment.

    Smells like a cookie related bug to me.

    My hunch was that it is something to do with switching between using the ‘www’ before the domain name and not using it – which may affect how the cookies are accessed.


    I’ve figured a way to reproduce this bug:

    1. go to login page e.g. and log in.
    2. Click Sign Out to log out
    3. now go to login page without the ‘www’ and login
    4. Click Sign Out to log out
    5. go to the login page WITH the www bit. You should be still logged out but instead you may find that you are still actually logged in and it will take you directly to dashboard

    Note: depending on your config you may need to switch around and start with the ‘no www’ case first in order to reproduce.

    Once you get ‘locked in’ the only way I know to log out is to clear your cookies in the browser

    Playing around with it a bit further, I expected that another way to logout would be to copy the url from the sign out link and manually add in the ‘www’ bit. But to my surprise that did not work as expected. What happened is that it did actually log me out but then when I removed the ‘www’ from the url I discovered I was still logged in! So then I tried this again immediately followed by going to the log out url without the ‘www’. However that would not log me out – it redirected back to the dashboard still logged in. Baffling!

    I have been experiencing the same error.
    Removing all the cookies works, but I don’t know how to remedy this.

    I recommend that if you have multiple users, use separate browsers per user.

    ie. admin is Safari
    user2 is mozilla.

    I am using WP in addition to amember pro and am wondering if this is a result of the combination or if this error is just a WP error.


    Jeremy Clark



    One way to resolve this is to only have your blog accessible by one address. In other words redirect the www version to the version without www.

    It’s definitly a cookie related bug.
    Wordpress sets two cookies in the pluggable.php with the following code:
    setcookie(USER_COOKIE, ‘ ‘, time() – 31536000, COOKIEPATH, COOKIE_DOMAIN);
    setcookie(PASS_COOKIE, ‘ ‘, time() – 31536000, COOKIEPATH, COOKIE_DOMAIN);
    setcookie(USER_COOKIE, ‘ ‘, time() – 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);
    setcookie(PASS_COOKIE, ‘ ‘, time() – 31536000, SITECOOKIEPATH, COOKIE_DOMAIN);

    As you can see there are two paths which could be the problem.

    I have this Problem with a Subdomain. A ticket about this Problem can be found here (opened two years ago and last modified 2 days ago)

    My Solution

    Delete all Cookies in your Browser

    Open: \wp-includes\pluggable.php
    if ( $cookiepath != $sitecookiepath ) {
    setcookie(USER_COOKIE, $username, $expire, $sitecookiepath, COOKIE_DOMAIN);
    setcookie(PASS_COOKIE, $password, $expire, $sitecookiepath, COOKIE_DOMAIN);

    With: `/*
    if ( $cookiepath != $sitecookiepath ) {
    setcookie(USER_COOKIE, $username, $expire, $sitecookiepath, COOKIE_DOMAIN);
    setcookie(PASS_COOKIE, $password, $expire, $sitecookiepath, COOKIE_DOMAIN);

    Login again and try to logout.
    Fixed the Problem for me (Subdomain)

    Oh, forgott to tell you that u have to change the lines before the replace stuff.

    setcookie(USER_COOKIE, $username, $expire, $sitecookiepath, COOKIE_DOMAIN);
    setcookie(PASS_COOKIE, $password, $expire, $sitecookiepath, COOKIE_DOMAIN);

    ($cookiepath to $sitecookiepath)

    So, I’m bringing this one back up. I’ve tested under WP 2.3.2 with two different browsers and two different blogs. General info: Mac OS 10.5.1; I’d’ve have to look up the PHP and MsSQL.

    ==> Under Safari 3.04 with blogA and blogB, I quite literally cannot log off; I can see the post-data ‘logout=”true”‘ flash by on the toolbar location window, but I’m just returned to the dashboard. Because I can’t get to the login screen, I can’t determine the status of the keep-me-logged-on checkbox.

    ==> Under Firefox, when I click the logout (sign out) link, I’m dumped back to the login window, but both the userid and the password fields are completed correctly. The keep-me-logged-on checkbox is not checked. When I log in as a different user and then log out, dumped back to the login window, but both the userid and the password fields are completed as the admin user with the admin user’s password.

    Does that look like a security problem?

    I’ll toss cookies (not the kind I tossed when I was a lot younger!) and then I’ll test again. Also, I’ll test on a different box soon.

    I have two parallel working sites (internal,external). External for the un-logged-in users (or un-registered) and internal for the logged in users. I created this system to fix a security breach. However all th login links had to be redirected to the internal site which I manged to do. The problem is that all the logout links have to be redirected as well (I can not use meta widget). So, having all this said… does anyone know how to make a working logout button?



Viewing 13 replies - 1 through 13 (of 13 total)
  • The topic ‘Can’t log out’ is closed to new replies.