drupal_valid_token

Versions
4.6: drupal_valid_token($token, $value = '')
4.7 – 7: drupal_valid_token($token, $value = '', $skip_anonymous = FALSE)

Validate a token based on $value, the current user session and private key.

Parameters

$token The token to be validated.

$value An additional value to base the token on.

$skip_anonymous Set to true to skip token validation for anonymous users.

Return value

True for a valid token, false for an invalid token. When $skip_anonymous is true, the return value will always be true for anonymous users.

Related topics

▸ 6 functions call drupal_valid_token()

▾ 6 functions call drupal_valid_token()

drupal_validate_form in includes/form.inc
poll_view_voting in modules/poll.module: Generates the voting form for a poll.
user_admin_access_add in modules/user.module: Menu callback: add an access rule
user_admin_access_edit in modules/user.module: Menu callback: edit an access rule
user_admin_edit_role_validate in modules/user.module
user_admin_new_role_validate in modules/user.module

Code

includes/common.inc, line 1391

<?php
function drupal_valid_token($token, $value = '', $skip_anonymous = FALSE) {
  global $user;
  return (($skip_anonymous && $user->uid == 0) || ($token == md5(session_id() . $value . variable_get('drupal_private_key', ''))));
}
?>

Login or register to post comments

All source code and documentation on this site is released under the terms of the GNU General Public License, version 2 and later. Drupal is a registered trademark of Dries Buytaert.