function drupal_valid_token

Validates a token based on $value, the user session, and the private key.

Parameters

$token: The token to be validated.

$value: An additional value to base the token on.

$skip_anonymous: Set to true to skip token validation for anonymous users.

Return value

True for a valid token, false for an invalid token. When $skip_anonymous is true, the return value will always be true for anonymous users.

12 calls to drupal_valid_token()
AggregatorController::feedRefresh in drupal/core/modules/aggregator/lib/Drupal/aggregator/Controller/AggregatorController.php
Refreshes a feed, then redirects to the overview page.
ajax_base_page_theme in drupal/core/includes/ajax.inc
Theme callback: Returns the correct theme for an Ajax request.
comment_approve in drupal/core/modules/comment/comment.pages.inc
Page callback: Publishes the specified comment.
CSRFAccessCheck::access in drupal/core/modules/rest/lib/Drupal/rest/Access/CSRFAccessCheck.php
Implements AccessCheckInterface::access().
drupal_validate_form in drupal/core/includes/form.inc
Validates user-submitted form data in the $form_state array.

... See full list

File

drupal/core/includes/common.inc, line 4053
Common functions that many Drupal modules will need to reference.

Code

function drupal_valid_token($token, $value = '', $skip_anonymous = FALSE) {
  global $user;
  return $skip_anonymous && $user->uid == 0 || $token == drupal_get_token($value);
}