在 PHP 中创建唯一用户指纹的方法
What is the best way to generate a 'fingerprint' of user unique-ness in PHP?
For example:
- I could use a user's IP address as the 'fingerprint', however, there could be multiple other users on the same IP
- I could use the user's IP + user agent as the 'fingerprint', however, a single user could simply swap from safari to firefox and again be seen as being unique
Ideally, the fingerprint so label the 'machine' rather than browser or 'ip' but I can't think of how this is achievable.
Open to ideas/suggestions of how you uniquely identify your users, and what advantages/disadvantages your method has.
解决方案Easiest and best way: use phps session-management - every client is given an ID, stored in a cookie (if enabled) or given as a get-variable on every link and form (alternatively you could set a cookie on your own). But, this only "fingerprints" the browser - if the user changes his browser, deletes his cookies or whatever, you can't identify it anymore.
Identifying every client by IP address is usually a bad idea and won't work. Clients that use the same router will have the same IP addresses - clients connected through a proxy-pool could have another IP address with every page load.
If you need a solution that can't be manipulated by the client in an easy way, try to do a combination of the following, using all that are supported by the clients browser and compare them on each page-load:
- "normal" HTTP Cookies
- Local Shared Objects (Flash Cookies)
- Storing cookies in RGB values of auto-generated, force-cached PNGs using HTML5 Canvas tag to read pixels (cookies) back out
- Storing cookies in and reading out Web History
- Storing cookies in HTTP ETags
- Internet Explorer userData storage
- HTML5 Session Storage
- HTML5 Local Storage
- HTML5 Global Storage
- HTML5 Database Storage via SQLite
There's a solution called evercookie that implements all of this.
相关文章