function drupal_get_token

Generates a token based on $value, the user session, and the private key.


$value: An additional value to base the token on.

The generated token is based on the session ID of the current user. Normally, anonymous users do not have a session, so the generated token will be different on every page request. To generate a token for users without a session, manually start a session prior to calling this function.

Return value

string A 43-character URL-safe token for validation, based on the user session ID, the hash salt provided from drupal_get_hash_salt(), and the 'drupal_private_key' configuration variable.

See also


17 calls to drupal_get_token()
aggregator_view in modules/aggregator/
Displays the aggregator administration page.
comment_links in modules/comment/comment.module
Helper function, build links for an individual comment.
dashboard_admin in modules/dashboard/dashboard.module
Page callback: Displays the dashboard.
drupal_prepare_form in includes/
Prepares a structured form array.
drupal_process_form in includes/
Processes a form submission.

... See full list


includes/, line 5358


function drupal_get_token($value = '') {
    return drupal_hmac_base64($value, session_id() . drupal_get_private_key() . drupal_get_hash_salt());

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.