Revision 1524
Added by Dietmar over 12 years ago
SecureForm.php | ||
---|---|---|
83 | 83 |
|
84 | 84 |
private function _generate_fingerprint() |
85 | 85 |
{ |
86 |
// server depending values |
|
87 |
$fingerprint = ( isset($_SERVER['SERVER_SIGNATURE']) ) ? $_SERVER['SERVER_SIGNATURE'] : '2';
|
|
86 |
// server depending values
|
|
87 |
$fingerprint = ( isset($_SERVER['SERVER_SIGNATURE']) ) ? $_SERVER['SERVER_SIGNATURE'] : '2'; |
|
88 | 88 |
$fingerprint .= ( isset($_SERVER['SERVER_SOFTWARE']) ) ? $_SERVER['SERVER_SOFTWARE'] : '3'; |
89 | 89 |
$fingerprint .= ( isset($_SERVER['SERVER_NAME']) ) ? $_SERVER['SERVER_NAME'] : '5'; |
90 | 90 |
$fingerprint .= ( isset($_SERVER['SERVER_ADDR']) ) ? $_SERVER['SERVER_ADDR'] : '7'; |
91 | 91 |
$fingerprint .= ( isset($_SERVER['SERVER_PORT']) ) ? $_SERVER['SERVER_PORT'] : '11'; |
92 | 92 |
$fingerprint .= ( isset($_SERVER['SERVER_ADMIN']) ) ? $_SERVER['SERVER_ADMIN'] : '13'; |
93 |
$fingerprint .= __FILE__; |
|
93 | 94 |
$fingerprint .= PHP_VERSION; |
94 |
// client depending values |
|
95 |
$fingerprint .= ( isset($_SERVER['HTTP_USER_AGENT']) ) ? $_SERVER['HTTP_USER_AGENT'] : '17';
|
|
95 |
// client depending values
|
|
96 |
$fingerprint .= ( isset($_SERVER['HTTP_USER_AGENT']) ) ? $_SERVER['HTTP_USER_AGENT'] : '19';
|
|
96 | 97 |
$usedOctets = ( defined('FINGERPRINT_WITH_IP_OCTETS') ) ? (intval(FINGERPRINT_WITH_IP_OCTETS) % 5) : 2; |
97 | 98 |
$clientIp = ( isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '' ); |
98 | 99 |
if(($clientIp != '') && ($usedOctets > 0)){ |
... | ... | |
100 | 101 |
while(sizeof($ip) > $usedOctets) { array_pop($ip); } |
101 | 102 |
$clientIp = implode('.', $ip); |
102 | 103 |
}else { |
103 |
$clientIp = 19;
|
|
104 |
$clientIp = '23';
|
|
104 | 105 |
} |
105 |
$fingerprint .= $clientIp; |
|
106 |
return md5($fingerprint); |
|
106 |
$fingerprint = md5($fingerprint.$clientIp); |
|
107 |
$lastDigit = hexdec($fingerprint[strlen($fingerprint)-1]); |
|
108 |
if ((hexdec($fingerprint[0]) + $lastDigit) == 16) { |
|
109 |
$fingerprint[strlen($fingerprint)-1] = dechex(($lastDigit + 6) % 16); |
|
110 |
} |
|
111 |
return $fingerprint; |
|
107 | 112 |
} |
108 | 113 |
|
109 | 114 |
private function _calcFtan($tanPart) |
Also available in: Unified diff