Returns the test prefix if this is an internal request from SimpleTest.
Either the simpletest prefix (the string "simpletest" followed by any number of digits) or FALSE if the user agent does not contain a valid HMAC and timestamp.
function drupal_valid_test_ua() {
// No reason to reset this.
static $test_prefix;
if (isset($test_prefix)) {
return $test_prefix;
}
if (isset($_SERVER['HTTP_USER_AGENT']) && preg_match("/^(simpletest\\d+);(.+);(.+);(.+)\$/", $_SERVER['HTTP_USER_AGENT'], $matches)) {
list(, $prefix, $time, $salt, $hmac) = $matches;
$check_string = $prefix . ';' . $time . ';' . $salt;
// We use the salt from settings.php to make the HMAC key, since
// the database is not yet initialized and we can't access any Drupal variables.
// The file properties add more entropy not easily accessible to others.
$key = drupal_get_hash_salt() . filectime(__FILE__) . fileinode(__FILE__);
$time_diff = REQUEST_TIME - $time;
// Since we are making a local request a 5 second time window is allowed,
// and the HMAC must match.
if ($time_diff >= 0 && $time_diff <= 5 && $hmac == drupal_hmac_base64($check_string, $key)) {
$test_prefix = $prefix;
return $test_prefix;
}
}
$test_prefix = FALSE;
return $test_prefix;
}