function user_pass_rehash
7.x user.module | user_pass_rehash($password, $timestamp, $login) |
6.x user.module | user_pass_rehash($password, $timestamp, $login) |
Creates a unique hash value for use in time-dependent per-user URLs.
This hash is normally used to build a unique and secure URL that is sent to the user by email for purposes such as resetting the user's password. In order to validate the URL, the same hash can be generated again, from the same information, and compared to the hash value from the URL. The URL normally contains both the time stamp and the numeric user ID. The login timestamp and hashed password are retrieved from the database as necessary. For a usage example, see user_cancel_url() and user_cancel_confirm().
Parameters
string $password: The hashed user account password value.
int $timestamp: A UNIX timestamp, typically REQUEST_TIME.
int $login: The UNIX timestamp of the user's last login.
Return value
A string that is safe for use in URLs and SQL statements.
- StatisticsAdminTestCase::testDeleteUser in drupal-7.x/
modules/ statistics/ statistics.test - Tests that accesslog reflects when a user is deleted.
- UserCancelTestCase::testUserAnonymize in drupal-7.x/
modules/ user/ user.test - Delete account and anonymize all content.
- UserCancelTestCase::testUserBlock in drupal-7.x/
modules/ user/ user.test - Disable account and keep all content.
- UserCancelTestCase::testUserBlockUnpublish in drupal-7.x/
modules/ user/ user.test - Disable account and unpublish all content.
- UserCancelTestCase::testUserCancelInvalid in drupal-7.x/
modules/ user/ user.test - Attempt invalid account cancellations.
File
- drupal-7.x/
modules/ user/ user.module, line 2379 - Enables the user registration and login system.
Code
function user_pass_rehash($password, $timestamp, $login) {
return drupal_hmac_base64($timestamp . $login, drupal_get_hash_salt() . $password);
}