- <?php
- /**
- * Zend Framework (http://framework.zend.com/)
- *
- * @link http://github.com/zendframework/zf2 for the canonical source repository
- * @copyright Copyright (c) 2005-2014 Zend Technologies USA Inc. (http://www.zend.com)
- * @license http://framework.zend.com/license/new-bsd New BSD License
- */
-
- namespace Zend\Http\Header;
-
- use Zend\Uri\UriFactory;
-
- /**
- * @throws Exception\InvalidArgumentException
- * @see http://www.ietf.org/rfc/rfc2109.txt
- * @see http://www.w3.org/Protocols/rfc2109/rfc2109
- */
- class SetCookie implements MultipleHeaderInterface
- {
-
- /**
- * Cookie name
- *
- * @var string|null
- */
- protected $name = null;
-
- /**
- * Cookie value
- *
- * @var string|null
- */
- protected $value = null;
-
- /**
- * Version
- *
- * @var int|null
- */
- protected $version = null;
-
- /**
- * Max Age
- *
- * @var int|null
- */
- protected $maxAge = null;
-
- /**
- * Cookie expiry date
- *
- * @var int|null
- */
- protected $expires = null;
-
- /**
- * Cookie domain
- *
- * @var string|null
- */
- protected $domain = null;
-
- /**
- * Cookie path
- *
- * @var string|null
- */
- protected $path = null;
-
- /**
- * Whether the cookie is secure or not
- *
- * @var bool|null
- */
- protected $secure = null;
-
- /**
- * If the value need to be quoted or not
- *
- * @var bool
- */
- protected $quoteFieldValue = false;
-
- /**
- * @var bool|null
- */
- protected $httponly = null;
-
- /**
- * @static
- * @throws Exception\InvalidArgumentException
- * @param $headerLine
- * @param bool $bypassHeaderFieldName
- * @return array|SetCookie
- */
- public static function fromString($headerLine, $bypassHeaderFieldName = false)
- {
- static $setCookieProcessor = null;
-
- if ($setCookieProcessor === null) {
- $setCookieClass = get_called_class();
- $setCookieProcessor = function ($headerLine) use ($setCookieClass) {
- $header = new $setCookieClass;
- $keyValuePairs = preg_split('#;\s*#', $headerLine);
-
- foreach ($keyValuePairs as $keyValue) {
- if (preg_match('#^(?P<headerKey>[^=]+)=\s*("?)(?P<headerValue>[^"]*)\2#', $keyValue, $matches)) {
- $headerKey = $matches['headerKey'];
- $headerValue= $matches['headerValue'];
- } else {
- $headerKey = $keyValue;
- $headerValue = null;
- }
-
- // First K=V pair is always the cookie name and value
- if ($header->getName() === NULL) {
- $header->setName($headerKey);
- $header->setValue(urldecode($headerValue));
- continue;
- }
-
- // Process the remaining elements
- switch (str_replace(array('-', '_'), '', strtolower($headerKey))) {
- case 'expires' : $header->setExpires($headerValue); break;
- case 'domain' : $header->setDomain($headerValue); break;
- case 'path' : $header->setPath($headerValue); break;
- case 'secure' : $header->setSecure(true); break;
- case 'httponly': $header->setHttponly(true); break;
- case 'version' : $header->setVersion((int) $headerValue); break;
- case 'maxage' : $header->setMaxAge((int) $headerValue); break;
- default:
- // Intentionally omitted
- }
- }
-
- return $header;
- };
- }
-
- list($name, $value) = GenericHeader::splitHeaderLine($headerLine);
-
- // some sites return set-cookie::value, this is to get rid of the second :
- $name = (strtolower($name) =='set-cookie:') ? 'set-cookie' : $name;
-
- // check to ensure proper header type for this factory
- if (strtolower($name) !== 'set-cookie') {
- throw new Exception\InvalidArgumentException('Invalid header line for Set-Cookie string: "' . $name . '"');
- }
-
- $multipleHeaders = preg_split('#(?<!Sun|Mon|Tue|Wed|Thu|Fri|Sat),\s*#', $value);
-
- if (count($multipleHeaders) <= 1) {
- return $setCookieProcessor(array_pop($multipleHeaders));
- } else {
- $headers = array();
- foreach ($multipleHeaders as $headerLine) {
- $headers[] = $setCookieProcessor($headerLine);
- }
- return $headers;
- }
- }
-
- /**
- * Cookie object constructor
- *
- * @todo Add validation of each one of the parameters (legal domain, etc.)
- *
- * @param string $name
- * @param string $value
- * @param int|string $expires
- * @param string $path
- * @param string $domain
- * @param bool $secure
- * @param bool $httponly
- * @param string $maxAge
- * @param int $version
- * @return SetCookie
- */
- public function __construct($name = null, $value = null, $expires = null, $path = null, $domain = null, $secure = false, $httponly = false, $maxAge = null, $version = null)
- {
- $this->type = 'Cookie';
-
- $this->setName($name)
- ->setValue($value)
- ->setVersion($version)
- ->setMaxAge($maxAge)
- ->setDomain($domain)
- ->setExpires($expires)
- ->setPath($path)
- ->setSecure($secure)
- ->setHttpOnly($httponly);
- }
-
- /**
- * @return string 'Set-Cookie'
- */
- public function getFieldName()
- {
- return 'Set-Cookie';
- }
-
- /**
- * @throws Exception\RuntimeException
- * @return string
- */
- public function getFieldValue()
- {
- if ($this->getName() == '') {
- return '';
- }
-
- $value = urlencode($this->getValue());
- if ( $this->hasQuoteFieldValue() ) {
- $value = '"'. $value . '"';
- }
-
- $fieldValue = $this->getName() . '=' . $value;
-
- $version = $this->getVersion();
- if ($version!==null) {
- $fieldValue .= '; Version=' . $version;
- }
-
- $maxAge = $this->getMaxAge();
- if ($maxAge!==null) {
- $fieldValue .= '; Max-Age=' . $maxAge;
- }
-
- $expires = $this->getExpires();
- if ($expires) {
- $fieldValue .= '; Expires=' . $expires;
- }
-
- $domain = $this->getDomain();
- if ($domain) {
- $fieldValue .= '; Domain=' . $domain;
- }
-
- $path = $this->getPath();
- if ($path) {
- $fieldValue .= '; Path=' . $path;
- }
-
- if ($this->isSecure()) {
- $fieldValue .= '; Secure';
- }
-
- if ($this->isHttponly()) {
- $fieldValue .= '; HttpOnly';
- }
-
- return $fieldValue;
- }
-
- /**
- * @param string $name
- * @throws Exception\InvalidArgumentException
- * @return SetCookie
- */
- public function setName($name)
- {
- $this->name = $name;
- return $this;
- }
-
- /**
- * @return string
- */
- public function getName()
- {
- return $this->name;
- }
-
- /**
- * @param string $value
- * @return SetCookie
- */
- public function setValue($value)
- {
- $this->value = $value;
- return $this;
- }
-
- /**
- * @return string
- */
- public function getValue()
- {
- return $this->value;
- }
-
- /**
- * Set version
- *
- * @param int $version
- * @throws Exception\InvalidArgumentException
- * @return SetCookie
- */
- public function setVersion($version)
- {
- if ($version !== null && !is_int($version)) {
- throw new Exception\InvalidArgumentException('Invalid Version number specified');
- }
- $this->version = $version;
- return $this;
- }
-
- /**
- * Get version
- *
- * @return int
- */
- public function getVersion()
- {
- return $this->version;
- }
-
- /**
- * Set Max-Age
- *
- * @param int $maxAge
- * @throws Exception\InvalidArgumentException
- * @return SetCookie
- */
- public function setMaxAge($maxAge)
- {
- if ($maxAge !== null && (!is_int($maxAge) || ($maxAge < 0))) {
- throw new Exception\InvalidArgumentException('Invalid Max-Age number specified');
- }
- $this->maxAge = $maxAge;
- return $this;
- }
-
- /**
- * Get Max-Age
- *
- * @return int
- */
- public function getMaxAge()
- {
- return $this->maxAge;
- }
-
- /**
- * @param int|string $expires
- * @throws Exception\InvalidArgumentException
- * @return SetCookie
- */
- public function setExpires($expires)
- {
- if ($expires === null) {
- $this->expires = null;
- return $this;
- }
-
- $tsExpires = $expires;
- if (is_string($expires)) {
- $tsExpires = strtotime($expires);
-
- // if $tsExpires is invalid and PHP is compiled as 32bit. Check if it fail reason is the 2038 bug
- if (!is_int($tsExpires) && PHP_INT_SIZE === 4) {
- $dateTime = new \DateTime($expires);
- if ( $dateTime->format('Y') > 2038) {
- $tsExpires = PHP_INT_MAX;
- }
- }
- }
-
- if (!is_int($tsExpires) || $tsExpires < 0) {
- throw new Exception\InvalidArgumentException('Invalid expires time specified');
- }
-
- $this->expires = $tsExpires;
- return $this;
- }
-
- /**
- * @param bool $inSeconds
- * @return int|string
- */
- public function getExpires($inSeconds = false)
- {
- if ($this->expires === null) {
- return;
- }
- if ($inSeconds) {
- return $this->expires;
- }
- return gmdate('D, d-M-Y H:i:s', $this->expires) . ' GMT';
- }
-
- /**
- * @param string $domain
- * @return SetCookie
- */
- public function setDomain($domain)
- {
- $this->domain = $domain;
- return $this;
- }
-
- /**
- * @return string
- */
- public function getDomain()
- {
- return $this->domain;
- }
-
- /**
- * @param string $path
- * @return SetCookie
- */
- public function setPath($path)
- {
- $this->path = $path;
- return $this;
- }
-
- /**
- * @return string
- */
- public function getPath()
- {
- return $this->path;
- }
-
- /**
- * @param bool $secure
- * @return SetCookie
- */
- public function setSecure($secure)
- {
- $this->secure = $secure;
- return $this;
- }
-
- /**
- * @param bool $quotedValue
- * @return SetCookie
- */
- public function setQuoteFieldValue($quotedValue)
- {
- $this->quoteFieldValue = (bool) $quotedValue;
- return $this;
- }
-
- /**
- * @return bool
- */
- public function isSecure()
- {
- return $this->secure;
- }
-
- /**
- * @param bool $httponly
- * @return SetCookie
- */
- public function setHttponly($httponly)
- {
- $this->httponly = $httponly;
- return $this;
- }
-
- /**
- * @return bool
- */
- public function isHttponly()
- {
- return $this->httponly;
- }
-
- /**
- * Check whether the cookie has expired
- *
- * Always returns false if the cookie is a session cookie (has no expiry time)
- *
- * @param int $now Timestamp to consider as "now"
- * @return bool
- */
- public function isExpired($now = null)
- {
- if ($now === null) {
- $now = time();
- }
-
- if (is_int($this->expires) && $this->expires < $now) {
- return true;
- }
-
- return false;
- }
-
- /**
- * Check whether the cookie is a session cookie (has no expiry time set)
- *
- * @return bool
- */
- public function isSessionCookie()
- {
- return ($this->expires === null);
- }
-
- /**
- * Check whether the cookie is a session cookie (has no expiry time set)
- *
- * @return bool
- */
- public function hasQuoteFieldValue()
- {
- return $this->quoteFieldValue;
- }
-
- public function isValidForRequest($requestDomain, $path, $isSecure = false)
- {
- if ($this->getDomain() && (strrpos($requestDomain, $this->getDomain()) === false)) {
- return false;
- }
-
- if ($this->getPath() && (strpos($path, $this->getPath()) !== 0)) {
- return false;
- }
-
- if ($this->secure && $this->isSecure()!==$isSecure) {
- return false;
- }
-
- return true;
-
- }
-
- /**
- * Checks whether the cookie should be sent or not in a specific scenario
- *
- * @param string|Zend\Uri\Uri $uri URI to check against (secure, domain, path)
- * @param bool $matchSessionCookies Whether to send session cookies
- * @param int $now Override the current time when checking for expiry time
- * @return bool
- */
- public function match($uri, $matchSessionCookies = true, $now = null)
- {
- if (is_string ($uri)) {
- $uri = UriFactory::factory($uri);
- }
-
- // Make sure we have a valid Zend_Uri_Http object
- if (! ($uri->isValid() && ($uri->getScheme() == 'http' || $uri->getScheme() =='https'))) {
- throw new Exception\InvalidArgumentException('Passed URI is not a valid HTTP or HTTPS URI');
- }
-
- // Check that the cookie is secure (if required) and not expired
- if ($this->secure && $uri->getScheme() != 'https') return false;
- if ($this->isExpired($now)) return false;
- if ($this->isSessionCookie() && ! $matchSessionCookies) return false;
-
- // Check if the domain matches
- if (! self::matchCookieDomain($this->getDomain(), $uri->getHost())) {
- return false;
- }
-
- // Check that path matches using prefix match
- if (! self::matchCookiePath($this->getPath(), $uri->getPath())) {
- return false;
- }
-
- // If we didn't die until now, return true.
- return true;
- }
-
- /**
- * Check if a cookie's domain matches a host name.
- *
- * Used by Zend\Http\Cookies for cookie matching
- *
- * @param string $cookieDomain
- * @param string $host
- *
- * @return bool
- */
- public static function matchCookieDomain($cookieDomain, $host)
- {
- if (! $cookieDomain) {
- throw new Exception\InvalidArgumentException('$cookieDomain is expected to be a cookie domain');
- }
-
- if (! $host) {
- throw new Exception\InvalidArgumentException('$host is expected to be a host name');
- }
-
- $cookieDomain = strtolower($cookieDomain);
- $host = strtolower($host);
- // Check for either exact match or suffix match
- return ($cookieDomain == $host ||
- preg_match('/' . preg_quote($cookieDomain) . '$/', $host));
- }
-
- /**
- * Check if a cookie's path matches a URL path
- *
- * Used by Zend\Http\Cookies for cookie matching
- *
- * @param string $cookiePath
- * @param string $path
- * @return bool
- */
- public static function matchCookiePath($cookiePath, $path)
- {
- if (! $cookiePath) {
- throw new Exception\InvalidArgumentException('$cookiePath is expected to be a cookie path');
- }
-
- if (! $path) {
- throw new Exception\InvalidArgumentException('$path is expected to be a host name');
- }
-
- return (strpos($path, $cookiePath) === 0);
- }
-
- public function toString()
- {
- return 'Set-Cookie: ' . $this->getFieldValue();
- }
-
- public function toStringMultipleHeaders(array $headers)
- {
- $headerLine = $this->toString();
- /* @var $header SetCookie */
- foreach ($headers as $header) {
- if (!$header instanceof SetCookie) {
- throw new Exception\RuntimeException(
- 'The SetCookie multiple header implementation can only accept an array of SetCookie headers'
- );
- }
- $headerLine .= "\n" . $header->toString();
- }
- return $headerLine;
- }
-
-
- }
| # |
Change |
User |
Description |
Committed |
|
|
#1
|
18334 |
Liz Lam |
initial add of jambox |
9 years ago
|
|