WP_Session_Tokens::create( int $expiration )

Generate a session token and attach session information to it.


Description Description

A session token is a long, random string. It is used in a cookie link that cookie to an expiration time and to ensure the cookie becomes invalidated upon logout.

This function generates a token and stores it with the associated expiration time (and potentially other session information via the ‘attach_session_information’ filter).


Parameters Parameters

$expiration

(int) (Required) Session expiration timestamp.


Top ↑

Return Return

(string) Session token.


Top ↑

Source Source

File: wp-includes/class-wp-session-tokens.php

	final public function create( $expiration ) {
		/**
		 * Filters the information attached to the newly created session.
		 *
		 * Could be used in the future to attach information such as
		 * IP address or user agent to a session.
		 *
		 * @since 4.0.0
		 *
		 * @param array $session Array of extra data.
		 * @param int   $user_id User ID.
		 */
		$session = apply_filters( 'attach_session_information', array(), $this->user_id );
		$session['expiration'] = $expiration;

		// IP address.
		if ( !empty( $_SERVER['REMOTE_ADDR'] ) ) {
			$session['ip'] = $_SERVER['REMOTE_ADDR'];
		}

		// User-agent.
		if ( ! empty( $_SERVER['HTTP_USER_AGENT'] ) ) {
			$session['ua'] = wp_unslash( $_SERVER['HTTP_USER_AGENT'] );
		}

		// Timestamp
		$session['login'] = time();

		$token = wp_generate_password( 43, false, false );

		$this->update( $token, $session );

		return $token;
	}

Top ↑

Changelog Changelog

Changelog
Version Description
4.0.0 Introduced.


Top ↑

User Contributed Notes User Contributed Notes

You must log in before being able to contribute a note or feedback.