function drupal_valid_token
7.x common.inc | drupal_valid_token($token, $value = '', $skip_anonymous = FALSE) |
6.x common.inc | drupal_valid_token($token, $value = '', $skip_anonymous = FALSE) |
Validate a token based on $value, the current user session and private key.
Parameters
$token: The token to be validated.
$value: An additional value to base the token on.
$skip_anonymous: Set to true to skip token validation for anonymous users.
Return value
True for a valid token, false for an invalid token. When $skip_anonymous is true, the return value will always be true for anonymous users.
4 calls to drupal_valid_token()
- aggregator_admin_refresh_feed in drupal-6.x/
modules/ aggregator/ aggregator.admin.inc - Menu callback; refreshes a feed, then redirects to the overview page.
- drupal_validate_form in drupal-6.x/
includes/ form.inc - Validates user-submitted form data from the $form_state using the validate functions defined in a structured form array.
- form_get_cache in drupal-6.x/
includes/ form.inc - Fetch a form from cache.
- update.php in drupal-6.x/
update.php - Administrative page for handling updates from one Drupal version to another.
File
- drupal-6.x/
includes/ common.inc, line 2667 - Common functions that many Drupal modules will need to reference.
Code
function drupal_valid_token($token, $value = '', $skip_anonymous = FALSE) {
global $user;
return (($skip_anonymous && $user->uid == 0) || ($token === md5(session_id() . $value . variable_get('drupal_private_key', ''))));
}