Rev 1050 | Rev 1116 | Go to most recent revision | Details | Compare with Previous | Last modification | View Log | RSS feed
Rev | Author | Line No. | Line |
---|---|---|---|
557 | daniel-mar | 1 | <?php |
2 | |||
3 | /* |
||
4 | * OIDplus 2.0 |
||
1086 | daniel-mar | 5 | * Copyright 2019 - 2023 Daniel Marschall, ViaThinkSoft |
557 | daniel-mar | 6 | * |
7 | * Licensed under the Apache License, Version 2.0 (the "License"); |
||
8 | * you may not use this file except in compliance with the License. |
||
9 | * You may obtain a copy of the License at |
||
10 | * |
||
11 | * http://www.apache.org/licenses/LICENSE-2.0 |
||
12 | * |
||
13 | * Unless required by applicable law or agreed to in writing, software |
||
14 | * distributed under the License is distributed on an "AS IS" BASIS, |
||
15 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
||
16 | * See the License for the specific language governing permissions and |
||
17 | * limitations under the License. |
||
18 | */ |
||
19 | |||
1050 | daniel-mar | 20 | namespace ViaThinkSoft\OIDplus; |
557 | daniel-mar | 21 | |
1086 | daniel-mar | 22 | // phpcs:disable PSR1.Files.SideEffects |
23 | \defined('INSIDE_OIDPLUS') or die; |
||
24 | // phpcs:enable PSR1.Files.SideEffects |
||
25 | |||
730 | daniel-mar | 26 | class OIDplusCookieUtils extends OIDplusBaseClass { |
557 | daniel-mar | 27 | |
28 | public function unsetcookie($name) { |
||
29 | $this->setcookie($name, '', time()-9999, true); |
||
30 | } |
||
31 | |||
812 | daniel-mar | 32 | private function getCookieDomain() { |
33 | $default_domain = ''; // ini_get('session.cookie_domain'); |
||
34 | $domain = OIDplus::baseConfig()->getValue('COOKIE_DOMAIN', $default_domain); |
||
35 | if ($domain === '(auto)') { |
||
816 | daniel-mar | 36 | $tmp = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE/*_CANONICAL*/); |
812 | daniel-mar | 37 | if ($tmp === false) return $default_domain; |
38 | $tmp = parse_url($tmp); |
||
39 | if ($tmp === false) return $default_domain; |
||
40 | if (!isset($tmp['host'])) return $default_domain; |
||
41 | $domain = $tmp['host']; |
||
42 | } |
||
43 | return $domain; |
||
44 | } |
||
806 | daniel-mar | 45 | |
812 | daniel-mar | 46 | private function getCookiePath() { |
47 | $default_path = '/'; // ini_get('session.cookie_path'); |
||
48 | $path = OIDplus::baseConfig()->getValue('COOKIE_PATH', $default_path); |
||
49 | if ($path === '(auto)') { |
||
816 | daniel-mar | 50 | $tmp = OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE/*_CANONICAL*/); |
812 | daniel-mar | 51 | if ($tmp === false) return $default_path; |
52 | $tmp = parse_url($tmp); |
||
53 | if ($tmp === false) return $default_path; |
||
54 | if (!isset($tmp['path'])) return $default_path; |
||
55 | $path = $tmp['path']; |
||
808 | daniel-mar | 56 | |
812 | daniel-mar | 57 | // Alternatively: |
58 | //$path = OIDplus::webpath(null,OIDplus::PATH_RELATIVE_TO_ROOT_CANONICAL); |
||
59 | //if ($path === false) return $default_path; |
||
60 | } |
||
61 | return $path; |
||
62 | } |
||
557 | daniel-mar | 63 | |
847 | daniel-mar | 64 | // TODO: There are several PHPSESSID cookies set. That's not very nice. We should collect the cookies and then at script ending only send the last definition one time. |
974 | daniel-mar | 65 | public function setcookie($name, $value, $expires=0, $allowJS=false, $samesite=null, $forceInsecure=false) { |
812 | daniel-mar | 66 | $domain = $this->getCookieDomain(); |
67 | $path = $this->getCookiePath(); |
||
974 | daniel-mar | 68 | $secure = $forceInsecure ? false : OIDplus::isSSL(); |
557 | daniel-mar | 69 | $httponly = !$allowJS; |
564 | daniel-mar | 70 | if (is_null($samesite)) { |
71 | $samesite = OIDplus::baseConfig()->getValue('COOKIE_SAMESITE_POLICY', 'Strict'); |
||
72 | } |
||
557 | daniel-mar | 73 | |
74 | if (strnatcmp(phpversion(),'7.3.0') >= 0) { |
||
75 | $options = array( |
||
76 | "expires" => $expires, |
||
77 | "path" => $path, |
||
78 | "domain" => $domain, |
||
79 | "secure" => $secure, |
||
80 | "httponly" => $httponly, |
||
81 | "samesite" => $samesite |
||
82 | ); |
||
83 | setcookie($name, $value, $options); |
||
84 | } else { |
||
85 | setcookie($name, $value, $expires, $path.'; samesite='.$samesite, $domain, $secure, $httponly); |
||
86 | } |
||
87 | } |
||
88 | |||
89 | } |