【php开源代码栏目提醒】:网学会员为广大网友收集整理了,class.securesession.php,希望对大家有所帮助!
<?php
/*
SecureSession class
Written by Vagharshak Tozalakyan <
class.securesession.php为[网学网-网友上传,谢谢支持]。>
Released under GNU Public License
*/
class SecureSession
{
// Include browser name in fingerprint?
var $check_browser = true;
// How many numbers from IP use in fingerprint?
var $check_ip_blocks = 0;
// Control word - any word you want.
var $secure_word = 'SECURESTAFF';
// Regenerate session ID to prevent fixation attacks?
var $regenerate_id = true;
// Call this when init session.
function Open()
{
$_SESSION['ss_fprint'] = $this->_Fingerprint();
$this->_RegenerateId();
}
// Call this to check session.
function Check()
{
$this->_RegenerateId();
return (isset($_SESSION['ss_fprint'])
&& $_SESSION['ss_fprint'] == $this->_Fingerprint());
}
// Internal function. Returns MD5 from fingerprint.
function _Fingerprint()
{
$fingerprint = $this->secure_word;
if ($this->check_browser)
{
$fingerprint .= $_SERVER['HTTP_USER_AGENT'];
}
if ($this->check_ip_blocks)
{
$num_blocks = abs(intval($this->check_ip_blocks));
if ($num_blocks > 4)
{
$num_blocks = 4;
}
$blocks = explode('.', $_SERVER['REMOTE_ADDR']);
for ($i=0; $i<$num_blocks; $i++)
{
$fingerprint .= $blocks[$i] . '.';
}
}
return md5($fingerprint);
}
// Internal function. Regenerates session ID if possible.
function _RegenerateId()
{
if ($this->regenerate_id && function_exists('session_regenerate_id'))
{
session_regenerate_id();
}
}
}
?>
上一篇:
class.RSS.php
下一篇:
ASP小区停车管理系统(Access)(含录像)