function UserController::validatePathParameters
Validates hash and timestamp.
Parameters
\Drupal\user\UserInterface $user: User requesting reset.
int $timestamp: The timestamp.
string $hash: Login link hash.
int $timeout: Link expiration timeout.
Return value
bool Whether the provided data are valid.
3 calls to UserController::validatePathParameters()
- UserController::confirmCancel in core/
modules/ user/ src/ Controller/ UserController.php - Confirms cancelling a user account via an email link.
- UserController::determineErrorRedirect in core/
modules/ user/ src/ Controller/ UserController.php - Validates user, hash, and timestamp.
- UserController::resetPass in core/
modules/ user/ src/ Controller/ UserController.php - Redirects to the user password reset form.
File
-
core/
modules/ user/ src/ Controller/ UserController.php, line 342
Class
- UserController
- Controller routines for user routes.
Namespace
Drupal\user\ControllerCode
protected function validatePathParameters(UserInterface $user, int $timestamp, string $hash, int $timeout = 0) : bool {
$current = \Drupal::time()->getRequestTime();
$timeout_valid = !empty($timeout) && $current - $timestamp < $timeout || empty($timeout);
return $timestamp >= $user->getLastLoginTime() && $timestamp <= $current && $timeout_valid && hash_equals($hash, user_pass_rehash($user, $timestamp));
}