"Fossies" - the Fresh Open Source Software Archive

Member "yii-1.1.22.bf1d26/framework/web/CHttpCookie.php" (16 Jan 2020, 3919 Bytes) of package /linux/www/yii-1.1.22.bf1d26.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) PHP source code syntax highlighting (style: standard) with prefixed line numbers and code folding option. Alternatively you can here view or download the uninterpreted source code file. For more information about "CHttpCookie.php" see the Fossies "Dox" file reference documentation and the latest Fossies "Diffs" side-by-side code changes report: 1.1.21.733ac5_vs_1.1.22.bf1d26.

    1 <?php
    2 /**
    3  * CHttpCookie class file.
    4  *
    5  * @author Qiang Xue <qiang.xue@gmail.com>
    6  * @link http://www.yiiframework.com/
    7  * @copyright 2008-2013 Yii Software LLC
    8  * @license http://www.yiiframework.com/license/
    9  */
   10 
   11 /**
   12  * A CHttpCookie instance stores a single cookie, including the cookie name, value, domain, path, expire, and secure.
   13  *
   14  * @author Qiang Xue <qiang.xue@gmail.com>
   15  * @package system.web
   16  * @since 1.0
   17  */
   18 class CHttpCookie extends CComponent
   19 {
   20     /**
   21      * SameSite policy Lax will prevent the cookie from being sent by the browser in all cross-site browsing context
   22      * during CSRF-prone request methods (e.g. POST, PUT, PATCH etc).
   23      * E.g. a POST request from https://otherdomain.com to https://yourdomain.com will not include the cookie, however a GET request will.
   24      * When a user follows a link from https://otherdomain.com to https://yourdomain.com it will include the cookie
   25      * @see $sameSite
   26      * @since 1.1.22
   27      */
   28     const SAME_SITE_LAX='Lax';
   29     /**
   30      * SameSite policy Strict will prevent the cookie from being sent by the browser in all cross-site browsing context
   31      * regardless of the request method and even when following a regular link.
   32      * E.g. a GET request from https://otherdomain.com to https://yourdomain.com or a user following a link from
   33      * https://otherdomain.com to https://yourdomain.com will not include the cookie.
   34      * @see $sameSite
   35      * @since 1.1.22
   36      */
   37     const SAME_SITE_STRICT='Strict';
   38 
   39     /**
   40      * @var string name of the cookie
   41      */
   42     public $name;
   43     /**
   44      * @var string value of the cookie
   45      */
   46     public $value='';
   47     /**
   48      * @var string domain of the cookie
   49      */
   50     public $domain='';
   51     /**
   52      * @var integer the timestamp at which the cookie expires. This is the server timestamp. Defaults to 0, meaning "until the browser is closed".
   53      */
   54     public $expire=0;
   55     /**
   56      * @var string the path on the server in which the cookie will be available on. The default is '/'.
   57      */
   58     public $path='/';
   59     /**
   60      * @var boolean whether cookie should be sent via secure connection
   61      */
   62     public $secure=false;
   63     /**
   64      * @var boolean whether the cookie should be accessible only through the HTTP protocol.
   65      * By setting this property to true, the cookie will not be accessible by scripting languages,
   66      * such as JavaScript, which can effectly help to reduce identity theft through XSS attacks.
   67      * Note, this property is only effective for PHP 5.2.0 or above.
   68      */
   69     public $httpOnly=false;
   70     /**
   71      * @var array Cookie attribute "SameSite".
   72      * @see https://www.owasp.org/index.php/SameSite
   73      * This property only works for PHP 7.3.0 or above.
   74      * @since 1.1.22
   75      */
   76     public $sameSite=self::SAME_SITE_LAX;
   77 
   78     /**
   79      * Constructor.
   80      * @param string $name name of this cookie
   81      * @param string $value value of this cookie
   82      * @param array $options the configuration array consisting of name-value pairs
   83      * that are used to configure this cookie
   84      */
   85     public function __construct($name,$value,$options=array())
   86     {
   87         $this->name=$name;
   88         $this->value=$value;
   89         $this->configure($options);
   90     }
   91     /**
   92      * This method can be used to configure the CookieObject with an array
   93      * Note: you cannot use this method to set the name and/or the value of the cookie
   94      * @param array $options the configuration array consisting of name-value pairs
   95      * that are used to configure this cookie
   96      * @since 1.1.11
   97      */
   98     public function configure($options=array())
   99     {
  100         foreach($options as $name=>$value)
  101         {
  102             if($name==='name'||$name==='value')
  103                 continue;
  104             $this->$name=$value;
  105         }
  106     }
  107     /**
  108      * Magic method to use the cookie object as a string without having to call value property first.
  109      * <code>
  110      * $value = (string)$cookies['name'];
  111      * </code>
  112      * Note, that you still have to check if the cookie exists.
  113      * @return string The value of the cookie. If the value property is null an empty string will be returned.
  114      * @since 1.1.11
  115      */
  116     public function __toString()
  117     {
  118         return (string)$this->value;
  119     }
  120 }