drupal_check_token
Definition
drupal_check_token()
includes/common.inc, line 919
Description
Checks the form token when an authenticated user submits POST data, to defend against cross-site request forgery (CSRF).
If the token is absent or incorrect, $_POST is cleared and a validation error message is set.
Related topics
| Name | Description |
|---|---|
| Input validation | Functions to validate user input. |
Code
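<?php
function drupal_check_token() {
  global $user;
  // Only authenticated users ($user->uid is non-zero) making a POST request are checked.
  // The check fails when edit[token] is missing or drupal_valid_token() rejects it.
  if ($user->uid && ($_SERVER['REQUEST_METHOD'] == 'POST') &&
      !(isset($_POST['edit']) && isset($_POST['edit']['token']) && drupal_valid_token($_POST['edit']['token']))) {
    drupal_set_message(t('Validation error. Please try again.'), 'error');
    // Discard the submitted data so later code does not act on it.
    $_POST = array();
  }
}
?>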
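The check above, run over constructed requests, as an added example that is not Drupal's own code. `check_token_gate()` mirrors the function's condition but returns the surviving POST data instead of modifying `$_POST`; `demo_token()` and `demo_valid_token()` are hypothetical stand-ins for Drupal's token functions, whose internals this page does not show.

```php
<?php
// Added example, not Drupal code. All names below are hypothetical and all
// sample values are constructed for illustration.

const DEMO_PRIVATE_KEY = 'constructed-site-key';

// Stand-in token: an HMAC of the session id under a site-private key (assumption).
function demo_token(string $session_id): string {
  return hash_hmac('sha256', $session_id, DEMO_PRIVATE_KEY);
}

function demo_valid_token($token, string $session_id): bool {
  // Reject non-string input first, then compare in constant time.
  return is_string($token) && hash_equals(demo_token($session_id), $token);
}

// Same condition as drupal_check_token(): returns the POST data that the rest
// of the request would see (an empty array when the gate clears it).
function check_token_gate(int $uid, string $method, array $post, string $session_id): array {
  $token_ok = isset($post['edit']['token'])
    && demo_valid_token($post['edit']['token'], $session_id);
  if ($uid && $method == 'POST' && !$token_ok) {
    return array();  // same effect as $_POST = array()
  }
  return $post;
}

$sid  = 'constructed-session-id';
$good = array('edit' => array('token' => demo_token($sid), 'title' => 'Hello'));

$cases = array(
  'authenticated, valid token'  => array(1, 'POST', $good),
  'authenticated, no token'     => array(1, 'POST', array('edit' => array('title' => 'Hello'))),
  'authenticated, wrong token'  => array(1, 'POST', array('edit' => array('token' => 'x', 'title' => 'Hello'))),
  'authenticated, array token'  => array(1, 'POST', array('edit' => array('token' => array('x')))),
  'anonymous (uid 0), no token' => array(0, 'POST', array('edit' => array('title' => 'Hello'))),
);

foreach ($cases as $label => $case) {
  list($uid, $method, $post) = $case;
  $kept = check_token_gate($uid, $method, $post, $sid);
  printf("%-30s %s\n", $label, $kept ? 'POST data kept' : 'POST data cleared');
}
```

The anonymous case keeps its data because the condition only applies when `$user->uid` is non-zero, as in the function above.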