Revision 1561
Added by Dietmar over 12 years ago
SecureForm.php | ||
---|---|---|
83 | 83 |
|
84 | 84 |
private function _generate_fingerprint() |
85 | 85 |
{ |
86 |
$usedOctets = ( defined('FINGERPRINT_WITH_IP_OCTETS') ) ? (intval(FINGERPRINT_WITH_IP_OCTETS) % 5) : 2; |
|
86 | 87 |
// server depending values |
87 |
$fingerprint = ( isset($_SERVER['SERVER_SIGNATURE']) ) ? $_SERVER['SERVER_SIGNATURE'] : '2'; |
|
88 |
$fingerprint = ''; |
|
89 |
$fingerprint .= ( isset($_SERVER['SERVER_SIGNATURE']) ) ? $_SERVER['SERVER_SIGNATURE'] : '2'; |
|
88 | 90 |
$fingerprint .= ( isset($_SERVER['SERVER_SOFTWARE']) ) ? $_SERVER['SERVER_SOFTWARE'] : '3'; |
89 | 91 |
$fingerprint .= ( isset($_SERVER['SERVER_NAME']) ) ? $_SERVER['SERVER_NAME'] : '5'; |
90 |
$fingerprint .= ( isset($_SERVER['SERVER_ADDR']) ) ? $_SERVER['SERVER_ADDR'] : '7'; |
|
92 |
$serverIp = ( isset($_SERVER['SERVER_ADDR']) ) ? $_SERVER['SERVER_ADDR'] : ''; |
|
93 |
if(($serverIp != '') && ($usedOctets > 0)){ |
|
94 |
$ip = explode('.', $serverIp); |
|
95 |
while(sizeof($ip) > $usedOctets) { array_pop($ip); } |
|
96 |
$fingerprint .= implode('.', $ip); |
|
97 |
}else { |
|
98 |
$fingerprint .= '7'; |
|
99 |
} |
|
91 | 100 |
$fingerprint .= ( isset($_SERVER['SERVER_PORT']) ) ? $_SERVER['SERVER_PORT'] : '11'; |
92 | 101 |
$fingerprint .= ( isset($_SERVER['SERVER_ADMIN']) ) ? $_SERVER['SERVER_ADMIN'] : '13'; |
93 | 102 |
$fingerprint .= __FILE__; |
94 | 103 |
$fingerprint .= PHP_VERSION; |
95 | 104 |
// client depending values |
96 | 105 |
$fingerprint .= ( isset($_SERVER['HTTP_USER_AGENT']) ) ? $_SERVER['HTTP_USER_AGENT'] : '19'; |
97 |
$usedOctets = ( defined('FINGERPRINT_WITH_IP_OCTETS') ) ? (intval(FINGERPRINT_WITH_IP_OCTETS) % 5) : 2; |
|
106 |
// $usedOctets = ( defined('FINGERPRINT_WITH_IP_OCTETS') ) ? (intval(FINGERPRINT_WITH_IP_OCTETS) % 5) : 2;
|
|
98 | 107 |
$clientIp = ( isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '' ); |
99 | 108 |
if(($clientIp != '') && ($usedOctets > 0)){ |
100 | 109 |
$ip = explode('.', $clientIp); |
Also available in: Unified diff
secureForm Fix for hosting with load balancing