MediaWiki
REL1_34
Cookie.php
Go to the documentation of this file.
1
<?php
24
class
Cookie
{
25
protected
$name
;
26
protected
$value
;
27
protected
$expires
;
28
protected
$path
;
29
protected
$domain
;
30
protected
$isSessionKey
=
true
;
31
// TO IMPLEMENT protected $secure
32
// TO IMPLEMENT? protected $maxAge (add onto expires)
33
// TO IMPLEMENT? protected $version
34
// TO IMPLEMENT? protected $comment
35
36
function
__construct
(
$name
,
$value
, $attr ) {
37
$this->name =
$name
;
38
$this->
set
(
$value
, $attr );
39
}
40
53
public
function
set
(
$value
, $attr ) {
54
$this->value =
$value
;
55
56
if
( isset( $attr[
'expires'
] ) ) {
57
$this->isSessionKey =
false
;
58
$this->expires = strtotime( $attr[
'expires'
] );
59
}
60
61
$this->path = $attr[
'path'
] ??
'/'
;
62
63
if
( isset( $attr[
'domain'
] ) ) {
64
if
( self::validateCookieDomain( $attr[
'domain'
] ) ) {
65
$this->domain = $attr[
'domain'
];
66
}
67
}
else
{
68
throw
new
InvalidArgumentException(
'$attr must contain a domain'
);
69
}
70
}
71
88
public
static
function
validateCookieDomain
(
$domain
, $originDomain =
null
) {
89
$dc = explode(
"."
,
$domain
);
90
91
// Don't allow a trailing dot or addresses without a or just a leading dot
92
if
( substr(
$domain
, -1 ) ==
'.'
||
93
count( $dc ) <= 1 ||
94
count( $dc ) == 2 && $dc[0] ===
''
95
) {
96
return
false
;
97
}
98
99
// Only allow full, valid IP addresses
100
if
( preg_match(
'/^[0-9.]+$/'
,
$domain
) ) {
101
if
( count( $dc ) != 4 ) {
102
return
false
;
103
}
104
105
if
( ip2long(
$domain
) ===
false
) {
106
return
false
;
107
}
108
109
if
( $originDomain ==
null
|| $originDomain ==
$domain
) {
110
return
true
;
111
}
112
113
}
114
115
// Don't allow cookies for "co.uk" or "gov.uk", etc, but allow "supermarket.uk"
116
if
( strrpos(
$domain
,
"."
) - strlen(
$domain
) == -3 ) {
117
if
( ( count( $dc ) == 2 && strlen( $dc[0] ) <= 2 )
118
|| ( count( $dc ) == 3 && strlen( $dc[0] ) ==
""
&& strlen( $dc[1] ) <= 2 ) ) {
119
return
false
;
120
}
121
if
( ( count( $dc ) == 2 || ( count( $dc ) == 3 && $dc[0] ==
''
) )
122
&& preg_match(
'/(com|net|org|gov|edu)\...$/'
,
$domain
) ) {
123
return
false
;
124
}
125
}
126
127
if
( $originDomain !=
null
) {
128
if
( substr(
$domain
, 0, 1 ) !=
'.'
&&
$domain
!= $originDomain ) {
129
return
false
;
130
}
131
132
if
( substr(
$domain
, 0, 1 ) ==
'.'
133
&& substr_compare(
134
$originDomain,
135
$domain
,
136
-strlen(
$domain
),
137
strlen(
$domain
),
138
true
139
) != 0
140
) {
141
return
false
;
142
}
143
}
144
145
return
true
;
146
}
147
155
public
function
serializeToHttpRequest
(
$path
,
$domain
) {
156
$ret =
''
;
157
158
if
( $this->
canServeDomain
(
$domain
)
159
&& $this->
canServePath
(
$path
)
160
&& $this->
isUnExpired
() ) {
161
$ret = $this->name .
'='
.
$this->value
;
162
}
163
164
return
$ret;
165
}
166
171
protected
function
canServeDomain
(
$domain
) {
172
if
(
$domain
== $this->domain
173
|| ( strlen(
$domain
) > strlen( $this->domain )
174
&& substr( $this->domain, 0, 1 ) ==
'.'
175
&& substr_compare(
176
$domain
,
177
$this->domain,
178
-strlen( $this->domain ),
179
strlen( $this->domain ),
180
true
181
) == 0
182
)
183
) {
184
return
true
;
185
}
186
187
return
false
;
188
}
189
194
protected
function
canServePath
(
$path
) {
195
return
( $this->path && substr_compare( $this->path,
$path
, 0, strlen( $this->path ) ) == 0 );
196
}
197
201
protected
function
isUnExpired
() {
202
return
$this->isSessionKey || $this->expires > time();
203
}
204
}
Cookie
Definition
Cookie.php:24
Cookie\serializeToHttpRequest
serializeToHttpRequest( $path, $domain)
Serialize the cookie jar into a format useful for HTTP Request headers.
Definition
Cookie.php:155
Cookie\$domain
$domain
Definition
Cookie.php:29
Cookie\$name
$name
Definition
Cookie.php:25
Cookie\$path
$path
Definition
Cookie.php:28
Cookie\canServeDomain
canServeDomain( $domain)
Definition
Cookie.php:171
Cookie\isUnExpired
isUnExpired()
Definition
Cookie.php:201
Cookie\__construct
__construct( $name, $value, $attr)
Definition
Cookie.php:36
Cookie\canServePath
canServePath( $path)
Definition
Cookie.php:194
Cookie\$isSessionKey
$isSessionKey
Definition
Cookie.php:30
Cookie\$value
$value
Definition
Cookie.php:26
Cookie\$expires
$expires
Definition
Cookie.php:27
Cookie\validateCookieDomain
static validateCookieDomain( $domain, $originDomain=null)
Return the true if the cookie is valid is valid.
Definition
Cookie.php:88
includes
libs
Cookie.php
Generated on Mon Nov 25 2024 16:05:16 for MediaWiki by
1.10.0