2012-11-22 03:25:06 +00:00
|
|
|
<?php defined('SYSPATH') OR die('No direct script access.');
|
2011-01-13 14:49:56 +00:00
|
|
|
/**
|
|
|
|
* Cookie helper.
|
|
|
|
*
|
|
|
|
* @package Kohana
|
|
|
|
* @category Helpers
|
|
|
|
* @author Kohana Team
|
2012-11-22 03:25:06 +00:00
|
|
|
* @copyright (c) 2008-2012 Kohana Team
|
2011-01-13 14:49:56 +00:00
|
|
|
* @license http://kohanaframework.org/license
|
|
|
|
*/
|
|
|
|
class Kohana_Cookie {
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @var string Magic salt to add to the cookie
|
|
|
|
*/
|
2011-05-16 12:47:16 +00:00
|
|
|
public static $salt = NULL;
|
2011-01-13 14:49:56 +00:00
|
|
|
|
|
|
|
/**
|
|
|
|
* @var integer Number of seconds before the cookie expires
|
|
|
|
*/
|
|
|
|
public static $expiration = 0;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @var string Restrict the path that the cookie is available to
|
|
|
|
*/
|
|
|
|
public static $path = '/';
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @var string Restrict the domain that the cookie is available to
|
|
|
|
*/
|
|
|
|
public static $domain = NULL;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @var boolean Only transmit cookies over secure connections
|
|
|
|
*/
|
|
|
|
public static $secure = FALSE;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* @var boolean Only transmit cookies over HTTP, disabling Javascript access
|
|
|
|
*/
|
|
|
|
public static $httponly = FALSE;
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Gets the value of a signed cookie. Cookies without signatures will not
|
|
|
|
* be returned. If the cookie signature is present, but invalid, the cookie
|
|
|
|
* will be deleted.
|
|
|
|
*
|
|
|
|
* // Get the "theme" cookie, or use "blue" if the cookie does not exist
|
|
|
|
* $theme = Cookie::get('theme', 'blue');
|
|
|
|
*
|
2012-11-22 03:25:06 +00:00
|
|
|
* @param string $key cookie name
|
|
|
|
* @param mixed $default default value to return
|
2011-01-13 14:49:56 +00:00
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
public static function get($key, $default = NULL)
|
|
|
|
{
|
|
|
|
if ( ! isset($_COOKIE[$key]))
|
|
|
|
{
|
|
|
|
// The cookie does not exist
|
|
|
|
return $default;
|
|
|
|
}
|
|
|
|
|
|
|
|
// Get the cookie value
|
|
|
|
$cookie = $_COOKIE[$key];
|
|
|
|
|
|
|
|
// Find the position of the split between salt and contents
|
|
|
|
$split = strlen(Cookie::salt($key, NULL));
|
|
|
|
|
|
|
|
if (isset($cookie[$split]) AND $cookie[$split] === '~')
|
|
|
|
{
|
|
|
|
// Separate the salt and the value
|
|
|
|
list ($hash, $value) = explode('~', $cookie, 2);
|
|
|
|
|
|
|
|
if (Cookie::salt($key, $value) === $hash)
|
|
|
|
{
|
|
|
|
// Cookie signature is valid
|
|
|
|
return $value;
|
|
|
|
}
|
|
|
|
|
|
|
|
// The cookie signature is invalid, delete it
|
|
|
|
Cookie::delete($key);
|
|
|
|
}
|
|
|
|
|
|
|
|
return $default;
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Sets a signed cookie. Note that all cookie values must be strings and no
|
|
|
|
* automatic serialization will be performed!
|
|
|
|
*
|
|
|
|
* // Set the "theme" cookie
|
|
|
|
* Cookie::set('theme', 'red');
|
|
|
|
*
|
2012-11-22 03:25:06 +00:00
|
|
|
* @param string $name name of cookie
|
|
|
|
* @param string $value value of cookie
|
|
|
|
* @param integer $expiration lifetime in seconds
|
2011-01-13 14:49:56 +00:00
|
|
|
* @return boolean
|
|
|
|
* @uses Cookie::salt
|
|
|
|
*/
|
|
|
|
public static function set($name, $value, $expiration = NULL)
|
|
|
|
{
|
|
|
|
if ($expiration === NULL)
|
|
|
|
{
|
|
|
|
// Use the default expiration
|
|
|
|
$expiration = Cookie::$expiration;
|
|
|
|
}
|
|
|
|
|
|
|
|
if ($expiration !== 0)
|
|
|
|
{
|
|
|
|
// The expiration is expected to be a UNIX timestamp
|
|
|
|
$expiration += time();
|
|
|
|
}
|
|
|
|
|
|
|
|
// Add the salt to the cookie value
|
|
|
|
$value = Cookie::salt($name, $value).'~'.$value;
|
|
|
|
|
|
|
|
return setcookie($name, $value, $expiration, Cookie::$path, Cookie::$domain, Cookie::$secure, Cookie::$httponly);
|
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Deletes a cookie by making the value NULL and expiring it.
|
|
|
|
*
|
|
|
|
* Cookie::delete('theme');
|
|
|
|
*
|
2012-11-22 03:25:06 +00:00
|
|
|
* @param string $name cookie name
|
2011-01-13 14:49:56 +00:00
|
|
|
* @return boolean
|
|
|
|
* @uses Cookie::set
|
|
|
|
*/
|
|
|
|
public static function delete($name)
|
|
|
|
{
|
|
|
|
// Remove the cookie
|
|
|
|
unset($_COOKIE[$name]);
|
|
|
|
|
|
|
|
// Nullify the cookie and make it expire
|
2011-05-16 12:47:16 +00:00
|
|
|
return setcookie($name, NULL, -86400, Cookie::$path, Cookie::$domain, Cookie::$secure, Cookie::$httponly);
|
2011-01-13 14:49:56 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
/**
|
|
|
|
* Generates a salt string for a cookie based on the name and value.
|
|
|
|
*
|
|
|
|
* $salt = Cookie::salt('theme', 'red');
|
|
|
|
*
|
2012-11-22 03:25:06 +00:00
|
|
|
* @param string $name name of cookie
|
|
|
|
* @param string $value value of cookie
|
2011-01-13 14:49:56 +00:00
|
|
|
* @return string
|
|
|
|
*/
|
|
|
|
public static function salt($name, $value)
|
|
|
|
{
|
2011-05-16 12:47:16 +00:00
|
|
|
// Require a valid salt
|
|
|
|
if ( ! Cookie::$salt)
|
|
|
|
{
|
|
|
|
throw new Kohana_Exception('A valid cookie salt is required. Please set Cookie::$salt.');
|
|
|
|
}
|
|
|
|
|
2011-01-13 14:49:56 +00:00
|
|
|
// Determine the user agent
|
|
|
|
$agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : 'unknown';
|
|
|
|
|
|
|
|
return sha1($agent.$name.$value.Cookie::$salt);
|
|
|
|
}
|
|
|
|
|
|
|
|
} // End cookie
|