<?php
 
/*
 * OIDplus 2.0
 * Copyright 2019 - 2021 Daniel Marschall, ViaThinkSoft
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
 
// Direct-access guard: stop immediately unless the INSIDE_OIDPLUS constant
// has been defined before this file is loaded (presumably by the OIDplus
// entry point that includes it; the definition is not visible in this file).
if (!defined('INSIDE_OIDPLUS')) {
        die();
}
 
/**
 * Central place where OIDplus emits Set-Cookie headers, so that every cookie
 * receives the same path, domain, Secure, HttpOnly and SameSite treatment.
 */
class OIDplusCookieUtils extends OIDplusBaseClass {

        /**
         * Asks the browser to discard a cookie by re-issuing it with an empty
         * value and an expiry timestamp that lies in the past.
         *
         * The request goes through setcookie() of this class, so path, domain
         * and the Secure flag match what that method produces, and SameSite
         * falls back to the configured default. $allowJS is passed as true,
         * so the deletion header is sent without the HttpOnly attribute.
         *
         * @param string $name Name of the cookie to remove.
         * @return void
         */
        public function unsetcookie($name) {
                $alreadyExpired = time() - 9999;
                $this->setcookie($name, '', $alreadyExpired, true);
        }

        /**
         * Sends a cookie with the security attributes OIDplus uses everywhere.
         *
         * Attributes applied:
         *  - Path is always '/', so the cookie is sent to every path on the host.
         *  - Domain is the empty string.
         *  - Secure mirrors the result of OIDplus::isSSL().
         *  - HttpOnly is set unless $allowJS is true.
         *  - SameSite is $samesite, or the COOKIE_SAMESITE_POLICY base
         *    configuration value (default 'Strict') when $samesite is null.
         *
         * NOTE(review): $samesite is placed into the cookie header without any
         * validation in this method. Callers and the COOKIE_SAMESITE_POLICY
         * setting should be restricted to Strict, Lax or None; confirm whether
         * that is enforced elsewhere. Browsers generally refuse SameSite=None
         * cookies that lack Secure, so a 'None' policy on a non-SSL request
         * may result in the cookie not being stored.
         *
         * @param string      $name     Cookie name.
         * @param string      $value    Cookie value.
         * @param int         $expires  Expiry as a Unix timestamp; 0 (the default) is passed through unchanged.
         * @param bool        $allowJS  True to omit HttpOnly so that scripts can read the cookie.
         * @param string|null $samesite SameSite policy, or null to use the configured default.
         * @return void
         */
        public function setcookie($name, $value, $expires=0, $allowJS=false, $samesite=null) {
                // Alternatives that were considered for the path and are NOT used:
                //   ini_get('session.cookie_path')
                //   parse_url(OIDplus::webpath(null,OIDplus::PATH_ABSOLUTE))['path']
                // The second one takes the absolute system path the visitor is using
                // (NOT the canonical one!) and strips protocol and hostname, leaving
                // only the path relative to the web root.
                // TODO: If CANONICAL_SYSTEM_URL is a proxy URL and the proxy and the actual
                //       system use different directory levels, then this path of
                //       PATH_ABSOLUTE will be wrong!
                // Until there is a better solution, '/' is used.
                $path = '/';
                $domain = '';

                // Transport and script-access restrictions.
                $secure = OIDplus::isSSL();
                $httponly = !$allowJS;

                // Caller did not choose a policy: take the configured one, else 'Strict'.
                if ($samesite === null) {
                        $samesite = OIDplus::baseConfig()->getValue('COOKIE_SAMESITE_POLICY', 'Strict');
                }

                // The options-array form of PHP's setcookie() is used from PHP 7.3.0 on.
                $hasOptionsArray = strnatcmp(PHP_VERSION, '7.3.0') >= 0;

                if (!$hasOptionsArray) {
                        // Older PHP: there is no samesite argument, so the attribute is
                        // appended to the path string and ends up in the header that way.
                        setcookie($name, $value, $expires, $path.'; samesite='.$samesite, $domain, $secure, $httponly);
                        return;
                }

                $cookieOptions = array(
                        "expires" => $expires,
                        "path" => $path,
                        "domain" => $domain,
                        "secure" => $secure,
                        "httponly" => $httponly,
                        "samesite" => $samesite
                );
                setcookie($name, $value, $cookieOptions);
        }

}