| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161 | <?php defined('SYSPATH') OR die('No direct script access.');/** * Cookie helper. * * @package    Kohana * @category   Helpers * @author     Kohana Team * @copyright  (c) 2008-2012 Kohana Team * @license    http://kohanaframework.org/license */class Kohana_Cookie {	/**	 * @var  string  Magic salt to add to the cookie	 */	public static $salt = NULL;	/**	 * @var  integer  Number of seconds before the cookie expires	 */	public static $expiration = 0;	/**	 * @var  string  Restrict the path that the cookie is available to	 */	public static $path = '/';	/**	 * @var  string  Restrict the domain that the cookie is available to	 */	public static $domain = NULL;	/**	 * @var  boolean  Only transmit cookies over secure connections	 */	public static $secure = FALSE;	/**	 * @var  boolean  Only transmit cookies over HTTP, disabling Javascript access	 */	public static $httponly = FALSE;	/**	 * Gets the value of a signed cookie. Cookies without signatures will not	 * be returned. If the cookie signature is present, but invalid, the cookie	 * will be deleted.	 *	 *     // Get the "theme" cookie, or use "blue" if the cookie does not exist	 *     $theme = Cookie::get('theme', 'blue');	 *	 * @param   string  $key        cookie name	 * @param   mixed   $default    default value to return	 * @return  string	 */	public static function get($key, $default = NULL)	{		if ( ! isset($_COOKIE[$key]))		{			// The cookie does not exist			return $default;		}		// Get the cookie value		$cookie = $_COOKIE[$key];		// Find the position of the split between salt and contents		$split = strlen(Cookie::salt($key, NULL));		if (isset($cookie[$split]) AND $cookie[$split] === '~')		{			// Separate the salt and the value			list ($hash, $value) = explode('~', $cookie, 2);			if (Cookie::salt($key, $value) === $hash)			{				// Cookie signature is valid				return $value;			}			// The cookie signature is invalid, delete it			Cookie::delete($key);		}		return $default;	}	/**	 * Sets a signed cookie. Note that all cookie values must be strings and no	 * automatic serialization will be performed!	 *	 *     // Set the "theme" cookie	 *     Cookie::set('theme', 'red');	 *	 * @param   string  $name       name of cookie	 * @param   string  $value      value of cookie	 * @param   integer $expiration lifetime in seconds	 * @return  boolean	 * @uses    Cookie::salt	 */	public static function set($name, $value, $expiration = NULL)	{		if ($expiration === NULL)		{			// Use the default expiration			$expiration = Cookie::$expiration;		}		if ($expiration !== 0)		{			// The expiration is expected to be a UNIX timestamp			$expiration += time();		}		// Add the salt to the cookie value		$value = Cookie::salt($name, $value).'~'.$value;		return setcookie($name, $value, $expiration, Cookie::$path, Cookie::$domain, Cookie::$secure, Cookie::$httponly);	}	/**	 * Deletes a cookie by making the value NULL and expiring it.	 *	 *     Cookie::delete('theme');	 *	 * @param   string  $name   cookie name	 * @return  boolean	 * @uses    Cookie::set	 */	public static function delete($name)	{		// Remove the cookie		unset($_COOKIE[$name]);		// Nullify the cookie and make it expire		return setcookie($name, NULL, -86400, Cookie::$path, Cookie::$domain, Cookie::$secure, Cookie::$httponly);	}	/**	 * Generates a salt string for a cookie based on the name and value.	 *	 *     $salt = Cookie::salt('theme', 'red');	 *	 * @param   string  $name   name of cookie	 * @param   string  $value  value of cookie	 * @return  string	 */	public static function salt($name, $value)	{		// Require a valid salt		if ( ! Cookie::$salt)		{			throw new Kohana_Exception('A valid cookie salt is required. Please set Cookie::$salt.');		}		// Determine the user agent		$agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : 'unknown';		return sha1($agent.$name.$value.Cookie::$salt);	}} // End cookie
 |