function user_login_finalize
Same name in other branches
- 9 core/modules/user/user.module \user_login_finalize()
- 8.9.x core/modules/user/user.module \user_login_finalize()
- 10 core/modules/user/user.module \user_login_finalize()
- 11.x core/modules/user/user.module \user_login_finalize()
Finalize the login process. Must be called when logging in a user.
The function records a watchdog message about the new session, saves the login timestamp, calls hook_user_login(), and generates a new session.
Parameters
array $edit: The array of form values submitted by the user.
See also
3 calls to user_login_finalize()
- install_configure_form_submit in includes/
install.core.inc - Form submission handler for install_configure_form().
- user_login_submit in modules/
user/ user.module - Submit handler for the login form. Load $user object and perform standard login tasks. The user is then redirected to the My Account page. Setting the destination in the query string overrides the redirect.
- user_pass_reset in modules/
user/ user.pages.inc - Menu callback; process one time login link and redirects to the user page on success.
File
-
modules/
user/ user.module, line 2324
Code
function user_login_finalize(&$edit = array()) {
global $user;
watchdog('user', 'Session opened for %name.', array(
'%name' => $user->name,
));
// Update the user table timestamp noting user has logged in.
// This is also used to invalidate one-time login links.
$user->login = REQUEST_TIME;
db_update('users')->fields(array(
'login' => $user->login,
))
->condition('uid', $user->uid)
->execute();
// Regenerate the session ID to prevent against session fixation attacks.
// This is called before hook_user in case one of those functions fails
// or incorrectly does a redirect which would leave the old session in place.
drupal_session_regenerate();
user_module_invoke('login', $edit, $user);
}
Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.