You are here

function notifications_check_signature in Notifications 7

Same name and namespace in other branches
  1. 6.4 notifications.module \notifications_check_signature()

Check signature from URL and query string

6 calls to notifications_check_signature()
notifications_access_subscribe in ./notifications.module
Menu access callback for subscribe links.
notifications_access_unsubscribe in ./notifications.module
Menu access callback for unsubscribe links.
notifications_page_check_signature in ./notifications.pages.inc
Check current URL is signed
notifications_page_subscribe in ./notifications.pages.inc
Menu callback add subscription
notifications_page_unsubscribe_subscription in ./notifications.pages.inc
Menu callback for unsubscribe page

... See full list

File

./notifications.module, line 346
Notifications module

Code

function notifications_check_signature($option = 'result') {
  $page_checked =& drupal_static(__FUNCTION__);
  if (!isset($page_checked)) {
    $page_checked = array(
      'signed' => NULL,
      'result' => NULL,
      'timestamp' => 0,
      'skip' => FALSE,
    );
    if (!empty($_GET['signature'])) {
      $page_checked['signed'] = FALSE;
      $query = $_GET;
      $signature = $query['signature'];
      unset($query['signature']);
      unset($query['q']);

      // Trim out the path element
      $path = current_path();
      if ($signature === notifications_url_signature($path, $query)) {
        $paget_checked['signed'] = TRUE;

        // Now check timestamp, it should be < 7 days
        if (!empty($query['timestamp']) && time() - 24 * 7 * 3600 > (int) $query['timestamp']) {
          drupal_set_message(t('This link has expired. Please get a new one or contact the site administrator.'), 'error');
          $page_checked['result'] = FALSE;
        }
        else {

          // Signature is ok and timestamp is ok or we don't have one.
          // (If you sign links that never expire, that's your problem.)
          $page_checked['timestamp'] = isset($query['timestamp']) ? (int) $query['timestamp'] : 0;
          $page_checked['result'] = TRUE;
          $page_checked['skip'] = !empty($query['skip']);
        }
      }
      else {
        drupal_set_message(t('This link is not valid anymore. Please get a new one or contact the site administrator.'), 'error');
        return $page_checked['result'] = FALSE;
      }
    }
  }

  // Return nothing, we didn't have any signature
  return $option ? $page_checked[$option] : $page_checked;
}