MediaWiki
master
Cookie.php
Go to the documentation of this file.
1
<?php
24
class
Cookie
{
25
protected
$name
;
26
protected
$value
;
27
protected
$expires
;
28
protected
$path
;
29
protected
$domain
;
30
protected
$isSessionKey
=
true
;
31
// TO IMPLEMENT protected $secure
32
// TO IMPLEMENT? protected $maxAge (add onto expires)
33
// TO IMPLEMENT? protected $version
34
// TO IMPLEMENT? protected $comment
35
36
public
function
__construct
(
$name
,
$value
, $attr ) {
37
$this->name =
$name
;
38
$this->
set
(
$value
, $attr );
39
}
40
53
public
function
set
(
$value
, $attr ) {
54
$this->value =
$value
;
55
56
if
( isset( $attr[
'expires'
] ) ) {
57
$this->isSessionKey =
false
;
58
$this->expires = strtotime( $attr[
'expires'
] );
59
}
60
61
$this->path = $attr[
'path'
] ??
'/'
;
62
63
if
( isset( $attr[
'domain'
] ) ) {
64
if
( self::validateCookieDomain( $attr[
'domain'
] ) ) {
65
$this->domain = $attr[
'domain'
];
66
}
67
}
else
{
68
throw
new
InvalidArgumentException(
'$attr must contain a domain'
);
69
}
70
}
71
88
public
static
function
validateCookieDomain
(
$domain
, $originDomain =
null
) {
89
$dc = explode(
"."
,
$domain
);
90
91
// Don't allow a trailing dot or addresses without a or just a leading dot
92
if
( substr(
$domain
, -1 ) ==
'.'
||
93
count( $dc ) <= 1 ||
94
( count( $dc ) == 2 && $dc[0] ===
''
)
95
) {
96
return
false
;
97
}
98
99
// Only allow full, valid IP addresses
100
if
( preg_match(
'/^[0-9.]+$/'
,
$domain
) ) {
101
if
( count( $dc ) !== 4 || ip2long(
$domain
) ===
false
) {
102
return
false
;
103
}
104
105
if
( $originDomain ==
null
|| $originDomain ==
$domain
) {
106
return
true
;
107
}
108
}
109
110
// Don't allow cookies for "co.uk" or "gov.uk", etc, but allow "supermarket.uk"
111
if
( strrpos(
$domain
,
"."
) - strlen(
$domain
) == -3 ) {
112
if
( ( count( $dc ) == 2 && strlen( $dc[0] ) <= 2 )
113
|| ( count( $dc ) == 3 && strlen( $dc[0] ) == 0 && strlen( $dc[1] ) <= 2 ) ) {
114
return
false
;
115
}
116
if
( ( count( $dc ) == 2 || ( count( $dc ) == 3 && $dc[0] ==
''
) )
117
&& preg_match(
'/(com|net|org|gov|edu)\...$/'
,
$domain
) ) {
118
return
false
;
119
}
120
}
121
122
if
( $originDomain !=
null
) {
123
if
( substr(
$domain
, 0, 1 ) !=
'.'
&&
$domain
!= $originDomain ) {
124
return
false
;
125
}
126
127
if
( substr(
$domain
, 0, 1 ) ==
'.'
128
&& substr_compare(
129
$originDomain,
130
$domain
,
131
-strlen(
$domain
),
132
strlen(
$domain
),
133
true
134
) != 0
135
) {
136
return
false
;
137
}
138
}
139
140
return
true
;
141
}
142
150
public
function
serializeToHttpRequest
(
$path
,
$domain
) {
151
$ret =
''
;
152
153
if
( $this->
canServeDomain
(
$domain
)
154
&& $this->
canServePath
(
$path
)
155
&& $this->
isUnExpired
() ) {
156
$ret = $this->name .
'='
.
$this->value
;
157
}
158
159
return
$ret;
160
}
161
166
protected
function
canServeDomain
(
$domain
) {
167
if
(
$domain
== $this->domain
168
|| ( strlen(
$domain
) > strlen( $this->domain )
169
&& str_starts_with( $this->domain,
'.'
)
170
&& substr_compare(
171
$domain
,
172
$this->domain,
173
-strlen( $this->domain ),
174
strlen( $this->domain ),
175
true
176
) == 0
177
)
178
) {
179
return
true
;
180
}
181
182
return
false
;
183
}
184
189
protected
function
canServePath
(
$path
) {
190
return
( $this->path && substr_compare( $this->path,
$path
, 0, strlen( $this->path ) ) == 0 );
191
}
192
196
protected
function
isUnExpired
() {
197
return
$this->isSessionKey || $this->expires > time();
198
}
199
}
Cookie
Definition
Cookie.php:24
Cookie\serializeToHttpRequest
serializeToHttpRequest( $path, $domain)
Serialize the cookie jar into a format useful for HTTP Request headers.
Definition
Cookie.php:150
Cookie\$domain
$domain
Definition
Cookie.php:29
Cookie\$name
$name
Definition
Cookie.php:25
Cookie\$path
$path
Definition
Cookie.php:28
Cookie\canServeDomain
canServeDomain( $domain)
Definition
Cookie.php:166
Cookie\isUnExpired
isUnExpired()
Definition
Cookie.php:196
Cookie\__construct
__construct( $name, $value, $attr)
Definition
Cookie.php:36
Cookie\canServePath
canServePath( $path)
Definition
Cookie.php:189
Cookie\$isSessionKey
$isSessionKey
Definition
Cookie.php:30
Cookie\$value
$value
Definition
Cookie.php:26
Cookie\$expires
$expires
Definition
Cookie.php:27
Cookie\validateCookieDomain
static validateCookieDomain( $domain, $originDomain=null)
Return the true if the cookie is valid is valid.
Definition
Cookie.php:88
includes
libs
Cookie.php
Generated on Fri Apr 26 2024 03:23:38 for MediaWiki by
1.10.0