Drupal investigation

Cookie.php 8.2KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289290291292293294295296297298299300301302303304305306307308
  1. <?php
  2. /*
  3. * This file is part of the Symfony package.
  4. *
  5. * (c) Fabien Potencier <fabien@symfony.com>
  6. *
  7. * For the full copyright and license information, please view the LICENSE
  8. * file that was distributed with this source code.
  9. */
  10. namespace Symfony\Component\BrowserKit;
  11. /**
  12. * Cookie represents an HTTP cookie.
  13. *
  14. * @author Fabien Potencier <fabien@symfony.com>
  15. */
  16. class Cookie
  17. {
  18. /**
  19. * Handles dates as defined by RFC 2616 section 3.3.1, and also some other
  20. * non-standard, but common formats.
  21. *
  22. * @var array
  23. */
  24. private static $dateFormats = array(
  25. 'D, d M Y H:i:s T',
  26. 'D, d-M-y H:i:s T',
  27. 'D, d-M-Y H:i:s T',
  28. 'D, d-m-y H:i:s T',
  29. 'D, d-m-Y H:i:s T',
  30. 'D M j G:i:s Y',
  31. 'D M d H:i:s Y T',
  32. );
  33. protected $name;
  34. protected $value;
  35. protected $expires;
  36. protected $path;
  37. protected $domain;
  38. protected $secure;
  39. protected $httponly;
  40. protected $rawValue;
  41. /**
  42. * Sets a cookie.
  43. *
  44. * @param string $name The cookie name
  45. * @param string $value The value of the cookie
  46. * @param string $expires The time the cookie expires
  47. * @param string $path The path on the server in which the cookie will be available on
  48. * @param string $domain The domain that the cookie is available
  49. * @param bool $secure Indicates that the cookie should only be transmitted over a secure HTTPS connection from the client
  50. * @param bool $httponly The cookie httponly flag
  51. * @param bool $encodedValue Whether the value is encoded or not
  52. */
  53. public function __construct($name, $value, $expires = null, $path = null, $domain = '', $secure = false, $httponly = true, $encodedValue = false)
  54. {
  55. if ($encodedValue) {
  56. $this->value = urldecode($value);
  57. $this->rawValue = $value;
  58. } else {
  59. $this->value = $value;
  60. $this->rawValue = urlencode($value);
  61. }
  62. $this->name = $name;
  63. $this->path = empty($path) ? '/' : $path;
  64. $this->domain = $domain;
  65. $this->secure = (bool) $secure;
  66. $this->httponly = (bool) $httponly;
  67. if (null !== $expires) {
  68. $timestampAsDateTime = \DateTime::createFromFormat('U', $expires);
  69. if (false === $timestampAsDateTime) {
  70. throw new \UnexpectedValueException(sprintf('The cookie expiration time "%s" is not valid.', $expires));
  71. }
  72. $this->expires = $timestampAsDateTime->format('U');
  73. }
  74. }
  75. /**
  76. * Returns the HTTP representation of the Cookie.
  77. *
  78. * @return string The HTTP representation of the Cookie
  79. *
  80. * @throws \UnexpectedValueException
  81. */
  82. public function __toString()
  83. {
  84. $cookie = sprintf('%s=%s', $this->name, $this->rawValue);
  85. if (null !== $this->expires) {
  86. $dateTime = \DateTime::createFromFormat('U', $this->expires, new \DateTimeZone('GMT'));
  87. $cookie .= '; expires='.str_replace('+0000', '', $dateTime->format(self::$dateFormats[0]));
  88. }
  89. if ('' !== $this->domain) {
  90. $cookie .= '; domain='.$this->domain;
  91. }
  92. if ($this->path) {
  93. $cookie .= '; path='.$this->path;
  94. }
  95. if ($this->secure) {
  96. $cookie .= '; secure';
  97. }
  98. if ($this->httponly) {
  99. $cookie .= '; httponly';
  100. }
  101. return $cookie;
  102. }
  103. /**
  104. * Creates a Cookie instance from a Set-Cookie header value.
  105. *
  106. * @param string $cookie A Set-Cookie header value
  107. * @param string $url The base URL
  108. *
  109. * @return static
  110. *
  111. * @throws \InvalidArgumentException
  112. */
  113. public static function fromString($cookie, $url = null)
  114. {
  115. $parts = explode(';', $cookie);
  116. if (false === strpos($parts[0], '=')) {
  117. throw new \InvalidArgumentException(sprintf('The cookie string "%s" is not valid.', $parts[0]));
  118. }
  119. list($name, $value) = explode('=', array_shift($parts), 2);
  120. $values = array(
  121. 'name' => trim($name),
  122. 'value' => trim($value),
  123. 'expires' => null,
  124. 'path' => '/',
  125. 'domain' => '',
  126. 'secure' => false,
  127. 'httponly' => false,
  128. 'passedRawValue' => true,
  129. );
  130. if (null !== $url) {
  131. if ((false === $urlParts = parse_url($url)) || !isset($urlParts['host'])) {
  132. throw new \InvalidArgumentException(sprintf('The URL "%s" is not valid.', $url));
  133. }
  134. $values['domain'] = $urlParts['host'];
  135. $values['path'] = isset($urlParts['path']) ? substr($urlParts['path'], 0, strrpos($urlParts['path'], '/')) : '';
  136. }
  137. foreach ($parts as $part) {
  138. $part = trim($part);
  139. if ('secure' === strtolower($part)) {
  140. // Ignore the secure flag if the original URI is not given or is not HTTPS
  141. if (!$url || !isset($urlParts['scheme']) || 'https' != $urlParts['scheme']) {
  142. continue;
  143. }
  144. $values['secure'] = true;
  145. continue;
  146. }
  147. if ('httponly' === strtolower($part)) {
  148. $values['httponly'] = true;
  149. continue;
  150. }
  151. if (2 === count($elements = explode('=', $part, 2))) {
  152. if ('expires' === strtolower($elements[0])) {
  153. $elements[1] = self::parseDate($elements[1]);
  154. }
  155. $values[strtolower($elements[0])] = $elements[1];
  156. }
  157. }
  158. return new static(
  159. $values['name'],
  160. $values['value'],
  161. $values['expires'],
  162. $values['path'],
  163. $values['domain'],
  164. $values['secure'],
  165. $values['httponly'],
  166. $values['passedRawValue']
  167. );
  168. }
  169. private static function parseDate($dateValue)
  170. {
  171. // trim single quotes around date if present
  172. if (($length = strlen($dateValue)) > 1 && "'" === $dateValue[0] && "'" === $dateValue[$length - 1]) {
  173. $dateValue = substr($dateValue, 1, -1);
  174. }
  175. foreach (self::$dateFormats as $dateFormat) {
  176. if (false !== $date = \DateTime::createFromFormat($dateFormat, $dateValue, new \DateTimeZone('GMT'))) {
  177. return $date->format('U');
  178. }
  179. }
  180. // attempt a fallback for unusual formatting
  181. if (false !== $date = date_create($dateValue, new \DateTimeZone('GMT'))) {
  182. return $date->format('U');
  183. }
  184. }
  185. /**
  186. * Gets the name of the cookie.
  187. *
  188. * @return string The cookie name
  189. */
  190. public function getName()
  191. {
  192. return $this->name;
  193. }
  194. /**
  195. * Gets the value of the cookie.
  196. *
  197. * @return string The cookie value
  198. */
  199. public function getValue()
  200. {
  201. return $this->value;
  202. }
  203. /**
  204. * Gets the raw value of the cookie.
  205. *
  206. * @return string The cookie value
  207. */
  208. public function getRawValue()
  209. {
  210. return $this->rawValue;
  211. }
  212. /**
  213. * Gets the expires time of the cookie.
  214. *
  215. * @return string The cookie expires time
  216. */
  217. public function getExpiresTime()
  218. {
  219. return $this->expires;
  220. }
  221. /**
  222. * Gets the path of the cookie.
  223. *
  224. * @return string The cookie path
  225. */
  226. public function getPath()
  227. {
  228. return $this->path;
  229. }
  230. /**
  231. * Gets the domain of the cookie.
  232. *
  233. * @return string The cookie domain
  234. */
  235. public function getDomain()
  236. {
  237. return $this->domain;
  238. }
  239. /**
  240. * Returns the secure flag of the cookie.
  241. *
  242. * @return bool The cookie secure flag
  243. */
  244. public function isSecure()
  245. {
  246. return $this->secure;
  247. }
  248. /**
  249. * Returns the httponly flag of the cookie.
  250. *
  251. * @return bool The cookie httponly flag
  252. */
  253. public function isHttpOnly()
  254. {
  255. return $this->httponly;
  256. }
  257. /**
  258. * Returns true if the cookie has expired.
  259. *
  260. * @return bool true if the cookie has expired, false otherwise
  261. */
  262. public function isExpired()
  263. {
  264. return null !== $this->expires && 0 != $this->expires && $this->expires < time();
  265. }
  266. }