/** * Generates a session id, signed with "Q"/"external"/"secret" * so that the web server won't have to deal with session ids we haven't issued. * @return {string} */ static function generateId() { $id = str_replace('-', '', Q_Utils::uuid()); $secret = Q_Config::get('Q', 'external', 'secret', null); if (isset($secret)) { $id .= md5($id . $secret); } $id = base64_encode(pack('H*', $id)); return str_replace(array('z', '+', '/', '='), array('zz', 'za', 'zb', 'zc'), $id); }
/** * Generates a session id, signed with "Q"/"external"/"secret" * so that the web server won't have to deal with session ids we haven't issued. * @return {string} */ static function generateId() { $id = str_replace('-', '', Q_Utils::uuid()); $secret = Q_Config::get('Q', 'external', 'secret', null); if (isset($secret)) { $hmac = Q_Utils::hmac('sha1', $id, "{$secret}"); $id .= substr($hmac, 0, 32); } $id = base64_encode(pack('H*', $id)); return str_replace(array('z', '+', '/', '='), array('zz', 'za', 'zb', 'zc'), $id); }