/** * Code modified from dokuwiki * /dokuwiki/inc/auth.php * * Builds a pseudo UID from browser and IP data * * This is neither unique nor unfakable - still it adds some * security. Using the first part of the IP makes sure * proxy farms like AOLs are stil okay. * * @author Andreas Gohr <*****@*****.**> * * @return string a MD5 sum of various browser headers */ function auth_browseruid($legacy = false) { $uid = ''; if (isset($_SERVER['HTTP_USER_AGENT'])) { $uid .= $_SERVER['HTTP_USER_AGENT']; } if (isset($_SERVER['HTTP_ACCEPT_ENCODING'])) { $uid .= $_SERVER['HTTP_ACCEPT_ENCODING']; } // IE does not report ACCEPT_LANGUAGE consistently //if( $legacy && isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ){ // $uid .= $_SERVER['HTTP_ACCEPT_LANGUAGE']; //} if (isset($_SERVER['HTTP_ACCEPT_CHARSET'])) { $uid .= $_SERVER['HTTP_ACCEPT_CHARSET']; } if ($legacy) { if (isset($_SERVER['REMOTE_ADDR'])) { $ip = $_SERVER['REMOTE_ADDR']; if (strpos($ip, '.') !== false) { $uid .= substr($ip, 0, strpos($ip, '.')); } elseif (strpos($ip, ':') !== false) { $uid .= substr($ip, 0, strpos($ip, ':')); } } } else { $ip = gpsession::clientIP(true); $uid .= substr($ip, 0, strpos($ip, '.')); } //ie8 will report ACCEPT_LANGUAGE as en-us and en-US depending on the type of request (normal, ajax) $uid = strtolower($uid); return md5($uid); }