I’ve created my own code based on this good article – https://shocksolution.com/2019/04/16/find-last-login-time-for-wordpress-users-in-the-sql-database/ to get the last login date for a user.
I’m finding that not all users have a ‘session_tokens’ meta_key record in the usermata table despite having logged in several times.
Could some one explain that please?
Many thanks
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
When a session is destroyed, it’s removed from the list in the meta. Importantly, if the list is empty, the meta is deleted.
So if a user logs out, if a session expires, if a user is deleted, or if the user clears their sessions on their profile page, these can all result in no sessions, so no user meta.
The root problem is a misunderstanding of what these sessions are. It is not the time of the last login, it is the time that the active sessions started. If there are no active sessions there are no sessions to list.
So, if I log in on a desktop on Monday, a mobile on Tuesday, and then log out of the mobile on Wednesday, your code will say I last logged in Monday, not Tuesday. The session for the mobile ended, and was cleaned up.
This way, it is possible to log in without detection. This method cannot be used to reliably detect the last time the user was seen.
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0