<?php
/**
* Cookie wrapper class
*
* all documentation text is from http://php.net/setcookie
*
* @package Cookie
* @version 1.0.0
*/
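class Cookie
{
    /**
     * Relative lifetime (a strtotime() expression) used for "permanent" cookies.
     */
    const PERMANENT = '+1 year';

    /**
     * Becomes true after the first init() call; later init() calls are ignored.
     * @var bool
     */
    private static $inited = false;

    /**
     * Domain attribute sent with every cookie. Stays null until init() runs.
     * @var string
     */
    private static $domain;

    /**
     * Path attribute sent with every cookie.
     * @var string
     */
    private static $path = '/';

    /**
     * Whether cookies are sent with the Secure attribute (decided in init()).
     * @var bool
     */
    private static $secure = false;

    /**
     * Prefix prepended to every cookie name. This is a naming convention only,
     * not a security boundary: the client can send any cookie name it likes.
     * @var string
     */
    private static $prefix = 'mc_';

    /* -------------------------------------cut------------------------------------- */

    /**
     * Static-only class: instantiation is blocked.
     */
    private function __construct()
    {
    }

    /**
     * Configure the wrapper. Only the first call has any effect.
     *
     * @param array $opts Supported keys:
     *   - 'path':   Path attribute for all cookies. '/' (the default) makes them
     *               available to the whole domain, '/foo/' only below /foo/.
     *   - 'domain': Domain attribute for all cookies. When omitted it is derived
     *               from $_SERVER['SERVER_NAME'] with a leading 'www.' removed
     *               and a leading '.' added, i.e. the cookie is shared with
     *               every subdomain of that host.
     *   - 'prefix': Prefix for all cookie names (default 'mc_').
     * @return void
     */
    public static function init(array $opts = array())
    {
        if (self::$inited) {
            return;
        }

        if (isset($opts['path']) && (string) $opts['path']) {
            self::$path = (string) $opts['path'];
        }
        if (isset($opts['prefix'])) {
            self::$prefix = (string) $opts['prefix'];
        }

        if (isset($opts['domain']) && (string) $opts['domain']) {
            self::$domain = (string) $opts['domain'];
        } else {
            // SECURITY: depending on web-server configuration SERVER_NAME can
            // reflect the client-supplied Host header, and the leading dot
            // shares the cookie with every subdomain. Deployments should pass
            // an explicit 'domain' instead of relying on this fallback.
            $host = isset($_SERVER['SERVER_NAME']) ? strtolower((string) $_SERVER['SERVER_NAME']) : '';
            $host = preg_replace('#^www\.#', '', $host);
            // Without a server name (e.g. CLI) fall back to a host-only cookie
            // rather than the invalid domain '.'.
            self::$domain = ($host === '') ? '' : '.' . $host;
        }

        // PHP sets HTTPS to a non-empty value on TLS requests; some SAPIs use
        // 'off' for plain HTTP. Behind a TLS-terminating proxy the variable may
        // be absent, in which case cookies are sent WITHOUT the Secure flag.
        $https = isset($_SERVER['HTTPS']) ? strtolower((string) $_SERVER['HTTPS']) : '';
        self::$secure = ($https !== '' && $https !== 'off');

        // The guard at the top only works if the flag is actually raised.
        self::$inited = true;
    }

    /**
     * Get current domain
     * @return string|null Null when init() has not been called yet.
     */
    public static function getDomain()
    {
        return self::$domain;
    }

    /**
     * Get the cookie-name prefix
     * @return string
     */
    public static function getPrefix()
    {
        return self::$prefix;
    }

    /**
     * Get the cookie path
     * @return string
     */
    public static function getPath()
    {
        return self::$path;
    }

    /**
     * Whether cookies are sent with the Secure attribute
     * @return boolean
     */
    public static function isSecure()
    {
        return self::$secure;
    }

    /**
     * Get the real (prefixed) name of a cookie.
     *
     * Declared static because set() and get() call it as self::realname();
     * calling a non-static method statically is an Error on PHP 8.
     *
     * @param string $name
     * @return string
     */
    public static function realname($name)
    {
        return self::$prefix . $name;
    }

    /**
     * Set a cookie.
     *
     * @param string $name  Cookie name without the prefix.
     * @param string $value Cookie value. It is stored on the client and can be
     *                      read and modified there: do not store secrets in it.
     *                      null, false, '' or an empty array deletes the cookie;
     *                      0 and '0' are stored as the value "0".
     * @param bool|string|int $expire Lifetime of the cookie:
     *                      true   - permanent (self::PERMANENT),
     *                      false  - current browser session only,
     *                      int    - number of seconds added to the current time,
     *                      string - relative format understood by strtotime()
     *                               ('+3 days', '+1 week', ...); a string that
     *                               cannot be parsed deletes the cookie.
     * @param bool $httponly When true the cookie is hidden from JavaScript, which
     *                      limits cookie theft through XSS (it does not prevent
     *                      XSS itself). The default is false; pass true for
     *                      session identifiers and other authentication cookies.
     * @return boolean False if headers were already sent or setcookie() failed,
     *                 true otherwise. True does not mean the browser accepted it.
     */
    public static function set($name, $value, $expire = self::PERMANENT, $httponly = false)
    {
        // empty() would also treat 0 and '0' as "no value" and delete the cookie.
        if ($value === null || $value === false || $value === '' || $value === array()) {
            $value = '';
            $expire = '-1 day';
        }

        $name = self::realname($name);
        $value = (string) $value;

        if ($expire === true) {
            $expire = self::PERMANENT;
        }

        $sessionOnly = false;
        if (is_numeric($expire)) {
            $expire = (int) (time() + $expire);
        } elseif (is_string($expire) && $expire) {
            $parsed = strtotime($expire);
            // An unparsable expression is treated as already expired.
            $expire = ($parsed === false) ? time() - 86400 : $parsed;
        } else {
            // Expiry 0 means "until the browser closes"; it must not be
            // mistaken for a timestamp in the past.
            $expire = 0;
            $sessionOnly = true;
        }

        // Keep $_COOKIE in step so get() reflects the change within this request.
        if (!$sessionOnly && time() > $expire) {
            $value = '';
            unset($_COOKIE[$name]);
        } else {
            $_COOKIE[$name] = $value;
        }

        if (headers_sent()) {
            return false;
        }

        // NOTE(review): this positional setcookie() form cannot set SameSite;
        // the options-array form that can requires PHP 7.3+.
        return setcookie($name, $value, $expire, self::$path, (string) self::$domain, self::$secure, (bool) $httponly);
    }

    /**
     * Clear (unset) a cookie
     * @param string $name
     * @return bool
     */
    public static function clear($name)
    {
        return self::set($name, '', '-1 day');
    }

    /**
     * Get a cookie.
     *
     * The value comes straight from the request and is attacker-controllable;
     * validate it before use and escape it before output.
     *
     * @param string $name Cookie name without the prefix.
     * @return mixed The stored value, or null when the cookie is not present.
     */
    public static function get($name)
    {
        $name = self::realname($name);

        return isset($_COOKIE[$name]) ? $_COOKIE[$name] : null;
    }
}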