描述
Take control of the “Remember Me” login feature for WordPress by having it enabled by default, customize how long users are remembered, or disable this built-in feature by default.
For those unfamiliar, “Remember Me” is a checkbox present when logging into WordPress. If checked, WordPress will remember the login session for 14 days. If unchecked, the login session will be remembered for only 2 days. Once a login session expires, WordPress will require you to log in again if you wish to continue using the admin section of the site.
This plugin provides three primary controls over the behavior of the “Remember Me” feature:
- Automatically check “Remember Me” : The ability to have the “Remember Me” checkbox automatically checked when the login form is loaded (it isn’t checked by default).
- Customize the duration of the “Remember Me” : The ability to customize how long WordPress will remember a login session when “Remember Me” is checked, either forever or a customizable number of hours.
- Disable “Remember Me” : The ability to completely disable the feature, preventing the checkbox from appearing and restricting all login sessions to 2 days.
NOTE: WordPress remembers who you are based on cookies stored in your web browser. If you use a different web browser, clear your cookies, use a browser on a different machine, or uninstall/reinstall (and possibly even just restarting) your browser then you will have to log in again since WordPress will not be able to locate the cookies needed to identify you.
Compatibility
Other than the plugins listed below, compatibility has not been tested or attempted for any other third-party plugins that provide their own login widgets or login handling.
Special handling has been added to provide compatibility with the following plugins:
- BuddyPress (in particular, its “Log in” widget)
- Sidebar Login
- Login Widget With Shortcode
Links: Plugin Homepage | Plugin Directory Page | GitHub | Author Homepage
屏幕截图
安装
- Whether installing or updating, whether this plugin or any other, it is always advisable to back-up your data before starting
- Install via the built-in WordPress plugin installer. Or install the plugin code inside the plugins directory for your site (typically
/wp-content/plugins/
). - Activate the plugin through the ‘Plugins’ admin menu in WordPress
- Go to “Settings” -> “Remember Me” and configure the settings
常见问题
-
How long does WordPress usually keep me logged in?
-
By default, if you log in without “Remember Me” checked, WordPress keeps you logged in for up to 2 days. If you check “Remember Me” (without this plugin active), WordPress keeps you logged in for up to 14 days.
-
Why am I being asked to log in again even though I’ve configured the plugin to remember me forever (or an otherwise long enough duration that hasn’t been met yet)?
-
WordPress remembers who you are based on cookies stored in your web browser. If you use a different web browser, clear your cookies, use a browser on a different machine, the site owner invalidates all existing login sessions, or you uninstall/reinstall (and possibly even just restart) your browser then you will have to log in again since WordPress will not be able to locate the cookies needed to identify you.
Also, if you changed the remember me duration but hadn’t logged out after having done so, that particular login session would still be affected by the default (or previously configured) duration.
-
How can I set the session duration to less than an hour?
-
You can’t (and probably shouldn’t). With a session length of less than an hour you risk timing out users too quickly.
-
Do changes to the remember me duration take effect for all current login sessions?
-
No. The duration for which a login cookie is valid is defined within the cookie when it gets created (which is when you log in). Changing the setting for the remember me duration will only affect cookies created thereafter. You can log out and then log back in if you want the newly configured remember me duration to apply to your session. More precisely, the changes take effect for all new logins, which can happen after a preexisting login session expires, the user logs out, or the user’s cookies are cleared in their browser (manually or automatically).
-
Why are some of the plugin settings disabled?
-
Certain settings being enabled may disable other settings that get superceded by the enabled setting. For instance, if the “Never remember?” setting is enabled, then all other settings are disabled since they wouldn’t apply. The onscreen help text for each setting indicates what other settings are relatedly affected.
-
How can I make the plugin configuration changes I’ve made take effect immediately?
-
As explained in the previous FAQ entry, changes to the plugin’s settings only take effect the next time a user logs in. Existing login sessions will abide by the remember me duration configured at the time they logged into their current session.
The login cookies for a user session can become invalidated by the visitor by logging out or clearing their cookies.
Here are some options to force all active login sessions to abide by the current login session duration:
* Manually refresh your site’s authentication keys and salts.
* Use WP-CLI to regenerate salts.
* Use the plugin WPForce Logout (to force session logouts) or Salt Shaker (to regenerate salts). Note: Plugins are merely suggestions and not necessarily recommendations. -
What plugins are this plugin compatible with?
-
Special handling has been added to provide compatibility with the following plugins:
- BuddyPress (in particular, its “Log in” widget)
- Sidebar Login
- Login Widget With Shortcode
-
Is this plugin GDPR-compliant?
-
Yes. This plugin does not collect, store, or disseminate any information from any users or site visitors.
-
Does this plugin include unit tests?
-
Yes. The tests are not packaged in the release .zip file or included in plugins.svn.wordpress.org, but can be found in the plugin’s GitHub repository.
评价
贡献者及开发者
更新日志
2.1 (2024-09-01)
Highlights:
This minor release primarily updates the plugin framework to the most current version (for security hardening and miscellaneous improvements), prevents translations from containing unintended markup, notes compatibility through WP 6.6+, drops compatibility with versions of WP older than 5.5, and removes unit tests from release packaging.
Details:
- Change: Update plugin framework to 067
- 067:
- Change: Simplify
form_action_url()
to avoid using a server global - Change: Use
form_action_url()
inplugin_action_links()
rather than duplicating its functionality - Change: Escape output of all translated strings
- Change: Convert
register_filters()
to an abstract declaration - Change: Improve function documentation
- Change: Adjust function documentation formatting to align with WP core
- Change: Note compatibility through WP 6.5+
- Change: Drop compatibility with version of WP older than 5.5
- 066:
- New: Add customization of capability needed to manage plugin settings (via new filter {plugin_prefix}_manage_options_capability)
- Change: Make
get_hook()
public rather than protected - Change: Add styles for nested lists within settings descriptions
- Change: Simplify
form_action_url()
- Change: Use
form_action_url()
inplugin_action_links()
rather than duplicating its functionality - Change: Explicitly declare object variables rather than doing so dynamically. Fixes #1.
- Change: Note compatibility through WP 6.4+
- Change: Update copyright date (2024)
- Change: Ensure translations don’t contain unintended markup
- Change: Add missing inline comments to translators
- Change: Note compatibility through WP 6.6+
- Change: Drop compatibility with versions of WP older than 5.5
- Change: Update copyright date (2024)
- New: Add
.gitignore
file - Change: Remove development and testing-related files from release packaging
- Change: Reduce number of ‘Tags’ from
readme.txt
- Change: Tweak text formatting in
README.md
- Unit tests:
- Hardening: Prevent direct web access to
bootstrap.php
- Allow tests to run against current versions of WordPress
- New: Add
composer.json
for PHPUnit Polyfill dependency - Change: Prevent PHP warnings due to missing core-related generated files
- Change: In bootstrap, store path to plugin directory in a constant
- Hardening: Prevent direct web access to
2.0.1 (2023-06-19)
Highlights:
This is minor bugfix release fixes the plugin settings page’s info banner that reports the current remembered session duration. When the WordPress default remembered session duration (of “14 days”) is applicable, that value is now shown instead of stating an incorrect value (“2 days”). Actual session durations and plugin functionality were not affected.
Details:
- Fix: Fix info banner reporting the wrong remembered duration (of “2 days”) when the default WordPress remembered duration applies (which is “14 days”)
- New: Add
get_default_remembered_login_duration()
- Change: Add optional argument to
get_login_session_duration()
to indicate if the default duration should be the default remembered duration or not - Change: Updated screenshot
2.0 (2023-06-14)
Highlights:
This is a recommended and notable release that improves the labeling, help text, data display, and functionality of the plugin’s settings page; restructures the unit tests; verifies compatibility through WordPress 6.2+; and other minor behind-the-scenes tweaks.
Details:
- New: Add a notice banner to settings page to provide human-friendly summary of current login session duration
- New: Add getters for the acceptable maximum, minimum, and default non-remembered login duration values
- Change: Enforce a minimum of one hour for login session duration
- Change: Return default login session duration (2 days) if for some reason a 0 duration is encountered
- Change: Improve plugin’s settings page
- Change: Dynamically disable settings input fields if their functionality is disabled by another setting’s value
- Change: Display notable helptext for settings as inline notices
- Change: Clarify that disabling the “Remember Me” feature will causes sessions to last 2 days, not 1
- Change: Use a number field as the duration input field
- Change: Reword labels and help text for clarity and brevity
- Change: Add additional help text to clarify how settings are related
- Change: Improve style and layout of help text
- Change: Output newlines after block-level tags in settings page
- Change: Omit
type
attribute toscript
andstyle
tags - Change: Improve formatting of text in Help panel
- Change: Add FAQ item to address how to make login session duration changes take effect immediately
- Change: Update plugin framework to 065
- 065:
- New: Add support for ‘inline_help’ setting configuration option
- New: Add support for ‘raw_help’ setting configuration option
- New: Add support for use of lists within settings descriptions
- Change: Add an ‘id’ attribute to settings form
- Change: Add styles for disabled input text fields and inline setting help notices
- Change: Support ‘number’ input by assigning ‘small-text’ class
- Change: Tweak styling for settings page footer
- Change: Note compatibility through WP 6.2+
- Change: Update copyright date (2023)
- 064:
- New: For checkbox settings, support a ‘more_help’ config option for defining help text to appear below checkbox and its label
- Fix: Fix URL for plugin listing donate link
- Change: Store donation URL as object variable
- Change: Update strings used for settings page donation link
- 063:
- Fix: Simplify settings initialization to prevent conflicts with other plugins
- Change: Remove ability to detect plugin settings page before current screen is set, as it is no longer needed
- Change: Enqueue thickbox during
'admin_enqueue_scripts'
action instead of during'init'
- Change: Use
is_plugin_admin_page()
inhelp_tabs()
instead of reproducing its functionality - Change: Trigger a debugging warning if
is_plugin_admin_page()
is used before'admin_init'
action is fired - 062:
- Change: Update
is_plugin_admin_page()
to useget_current_screen()
when available - Change: Actually prevent object cloning and unserialization by throwing an error
- Change: Check that there is a current screen before attempting to access its property
- Change: Remove ‘type’ attribute from
style
tag - Change: Incorporate commonly defined styling for inline_textarea
- 061:
- Fix bug preventing settings from getting saved
- 060:
- Rename class from
c2c_{PluginName}_Plugin_051
toc2c_Plugin_060
- Move string translation handling into inheriting class making the plugin framework code plugin-agnostic
- Add abstract function
get_c2c_string()
as a getter for translated strings - Replace all existing string usage with calls to
get_c2c_string()
- Add abstract function
- Handle WordPress’s deprecation of the use of the term “whitelist”
- Change: Rename
whitelist_options()
toallowed_options()
- Change: Use
add_allowed_options()
instead of deprecatedadd_option_whitelist()
for WP 5.5+ - Change: Hook
allowed_options
filter instead of deprecatedwhitelist_options
for WP 5.5+
- Change: Rename
- New: Add initial unit tests (currently just covering
is_wp_version_cmp()
andget_c2c_string()
) - Add
is_wp_version_cmp()
as a utility to compare current WP version against a given WP version - Refactor
contextual_help()
to be easier to read, and correct function docblocks - Don’t translate urlencoded donation email body text
- Add inline comments for translators to clarify purpose of placeholders
- Change PHP package name (make it singular)
- Tweak inline function description
- Note compatibility through WP 5.7+
- Update copyright date (2021)
- Change: Move translation of all parent class strings into main plugin file
- Change: Note compatibility through WP 6.2+
- Change: Update copyright date (2023)
- Change: Tweak installation instruction
- Unit tests:
- New: Add unit tests specific to plugin framework
- Change: Restructure unit test directories
- Change: Move
bin/
intotests/
- Change: Move
tests/bootstrap.php
intotests/phpunit/
- Change: Move
tests/test-*.php
intotests/phpunit/tests/
- Change: Move
- Change: Remove ‘test-‘ prefix from unit test file
- Change: Rename
phpunit.xml
tophpunit.xml.dist
per best practices - Change: In bootstrap, store path to plugin file constant
- Change: In bootstrap, add backcompat for PHPUnit pre-v6.0
Full changelog is available in CHANGELOG.md.