From 9463aa70c246be655a0736a88e15c0ffdc2454b5 Mon Sep 17 00:00:00 2001
From: Jennifer Hodgdon <yahgrp@poplarware.com>
Date: Thu, 27 Feb 2014 14:46:39 -0800
Subject: [PATCH] Issue #2188289 by Jaypan, sun, Berdir: Fix docs for
 drupal_get_token()

---
 includes/common.inc | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/includes/common.inc b/includes/common.inc
index 40a7919e03ca..378a3a7cdcfd 100644
--- a/includes/common.inc
+++ b/includes/common.inc
@@ -5067,6 +5067,11 @@ function drupal_get_private_key() {
  * @param $value
  *   An additional value to base the token on.
  *
+ * The generated token is based on the session ID of the current user. Normally,
+ * anonymous users do not have a session, so the generated token will be
+ * different on every page request. To generate a token for users without a
+ * session, manually start a session prior to calling this function.
+ *
  * @return string
  *   A 43-character URL-safe token for validation, based on the user session ID,
  *   the hash salt provided from drupal_get_hash_salt(), and the