/** * Generates a code supposed to be unic and fixed for each client. */ static function calculateSessionIdentifier() { static $sSessionIdentifier; //caching if (!$sSessionIdentifier) { $sClientSign = "client-sign"; if (AnwComponent::globalCfgSessionCheckClient()) { $sClientSign .= AnwEnv::_SERVER('HTTP_ACCEPT_LANGUAGE', 'empty') . '-' . AnwEnv::_SERVER('HTTP_USER_AGENT', 'empty') . '-'; } if (AnwComponent::globalCfgSessionCheckIp()) { $asIpBytes = explode('.', self::getIp()); $sClientSign .= $asIpBytes[0] . '-' . $asIpBytes[1] . '-' . $asIpBytes[2]; } //Don't use SERVER_SIGNATURE as it may change passing from HTTP to HTTPS $sServerSalt = "server-salt"; if (AnwComponent::globalCfgSessionCheckServer()) { $sServerSalt .= AnwEnv::_SERVER('SERVER_ADMIN', 'empty') . '-' . AnwEnv::_SERVER('SERVER_SOFTWARE', 'empty'); } $sSessionIdentifier = md5($sClientSign . 'at' . $sServerSalt); } return $sSessionIdentifier; }