SessionManager: Change behavior of getSessionById()
[mediawiki.git] / includes / WebResponse.php
blobf14cf2289cc066f2e30fddfc39a0d700b3c68236
1 <?php
2 /**
3 * Classes used to send headers and cookies back to the user
5 * This program is free software; you can redistribute it and/or modify
6 * it under the terms of the GNU General Public License as published by
7 * the Free Software Foundation; either version 2 of the License, or
8 * (at your option) any later version.
10 * This program is distributed in the hope that it will be useful,
11 * but WITHOUT ANY WARRANTY; without even the implied warranty of
12 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
13 * GNU General Public License for more details.
15 * You should have received a copy of the GNU General Public License along
16 * with this program; if not, write to the Free Software Foundation, Inc.,
17 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
18 * http://www.gnu.org/copyleft/gpl.html
20 * @file
23 /**
24 * Allow programs to request this object from WebRequest::response()
25 * and handle all outputting (or lack of outputting) via it.
26 * @ingroup HTTP
28 class WebResponse {
30 /** @var array Used to record set cookies, because PHP's setcookie() will
31 * happily send an identical Set-Cookie to the client.
33 protected static $setCookies = array();
35 /**
36 * Output an HTTP header, wrapper for PHP's header()
37 * @param string $string Header to output
38 * @param bool $replace Replace current similar header
39 * @param null|int $http_response_code Forces the HTTP response code to the specified value.
41 public function header( $string, $replace = true, $http_response_code = null ) {
42 header( $string, $replace, $http_response_code );
45 /**
46 * Get a response header
47 * @param string $key The name of the header to get (case insensitive).
48 * @return string|null The header value (if set); null otherwise.
49 * @since 1.25
51 public function getHeader( $key ) {
52 foreach ( headers_list() as $header ) {
53 list( $name, $val ) = explode( ':', $header, 2 );
54 if ( !strcasecmp( $name, $key ) ) {
55 return trim( $val );
58 return null;
61 /**
62 * Output an HTTP status code header
63 * @since 1.26
64 * @param int $code Status code
66 public function statusHeader( $code ) {
67 HttpStatus::header( $code );
70 /**
71 * Test if headers have been sent
72 * @since 1.27
73 * @return bool
75 public function headersSent() {
76 return headers_sent();
79 /**
80 * Set the browser cookie
81 * @param string $name The name of the cookie.
82 * @param string $value The value to be stored in the cookie.
83 * @param int|null $expire Unix timestamp (in seconds) when the cookie should expire.
84 * 0 (the default) causes it to expire $wgCookieExpiration seconds from now.
85 * null causes it to be a session cookie.
86 * @param array $options Assoc of additional cookie options:
87 * prefix: string, name prefix ($wgCookiePrefix)
88 * domain: string, cookie domain ($wgCookieDomain)
89 * path: string, cookie path ($wgCookiePath)
90 * secure: bool, secure attribute ($wgCookieSecure)
91 * httpOnly: bool, httpOnly attribute ($wgCookieHttpOnly)
92 * raw: bool, if true uses PHP's setrawcookie() instead of setcookie()
93 * For backwards compatibility, if $options is not an array then it and
94 * the following two parameters will be interpreted as values for
95 * 'prefix', 'domain', and 'secure'
96 * @since 1.22 Replaced $prefix, $domain, and $forceSecure with $options
98 public function setCookie( $name, $value, $expire = 0, $options = array() ) {
99 global $wgCookiePath, $wgCookiePrefix, $wgCookieDomain;
100 global $wgCookieSecure, $wgCookieExpiration, $wgCookieHttpOnly;
102 if ( !is_array( $options ) ) {
103 // Backwards compatibility
104 $options = array( 'prefix' => $options );
105 if ( func_num_args() >= 5 ) {
106 $options['domain'] = func_get_arg( 4 );
108 if ( func_num_args() >= 6 ) {
109 $options['secure'] = func_get_arg( 5 );
112 $options = array_filter( $options, function ( $a ) {
113 return $a !== null;
114 } ) + array(
115 'prefix' => $wgCookiePrefix,
116 'domain' => $wgCookieDomain,
117 'path' => $wgCookiePath,
118 'secure' => $wgCookieSecure,
119 'httpOnly' => $wgCookieHttpOnly,
120 'raw' => false,
123 if ( $expire === null ) {
124 $expire = 0; // Session cookie
125 } elseif ( $expire == 0 && $wgCookieExpiration != 0 ) {
126 $expire = time() + $wgCookieExpiration;
129 $func = $options['raw'] ? 'setrawcookie' : 'setcookie';
131 if ( Hooks::run( 'WebResponseSetCookie', array( &$name, &$value, &$expire, $options ) ) ) {
132 $cookie = $options['prefix'] . $name;
133 $data = array(
134 (string)$cookie,
135 (string)$value,
136 (int)$expire,
137 (string)$options['path'],
138 (string)$options['domain'],
139 (bool)$options['secure'],
140 (bool)$options['httpOnly'],
142 if ( !isset( self::$setCookies[$cookie] ) ||
143 self::$setCookies[$cookie] !== array( $func, $data )
145 wfDebugLog( 'cookie', $func . ': "' . implode( '", "', $data ) . '"' );
146 if ( call_user_func_array( $func, $data ) ) {
147 self::$setCookies[$cookie] = array( $func, $data );
149 } else {
150 wfDebugLog( 'cookie', 'already set ' . $func . ': "' . implode( '", "', $data ) . '"' );
156 * Unset a browser cookie.
157 * This sets the cookie with an empty value and an expiry set to a time in the past,
158 * which will cause the browser to remove any cookie with the given name, domain and
159 * path from its cookie store. Options other than these (and prefix) have no effect.
160 * @param string $name Cookie name
161 * @param array $options Cookie options, see {@link setCookie()}
162 * @since 1.27
164 public function clearCookie( $name, $options = array() ) {
165 $this->setCookie( $name, '', time() - 31536000 /* 1 year */, $options );
170 * @ingroup HTTP
172 class FauxResponse extends WebResponse {
173 private $headers;
174 private $cookies = array();
175 private $code;
178 * Stores a HTTP header
179 * @param string $string Header to output
180 * @param bool $replace Replace current similar header
181 * @param null|int $http_response_code Forces the HTTP response code to the specified value.
183 public function header( $string, $replace = true, $http_response_code = null ) {
184 if ( substr( $string, 0, 5 ) == 'HTTP/' ) {
185 $parts = explode( ' ', $string, 3 );
186 $this->code = intval( $parts[1] );
187 } else {
188 list( $key, $val ) = array_map( 'trim', explode( ":", $string, 2 ) );
190 $key = strtoupper( $key );
192 if ( $replace || !isset( $this->headers[$key] ) ) {
193 $this->headers[$key] = $val;
197 if ( $http_response_code !== null ) {
198 $this->code = intval( $http_response_code );
203 * @since 1.26
204 * @param int $code Status code
206 public function statusHeader( $code ) {
207 $this->code = intval( $code );
210 public function headersSent() {
211 return false;
215 * @param string $key The name of the header to get (case insensitive).
216 * @return string|null The header value (if set); null otherwise.
218 public function getHeader( $key ) {
219 $key = strtoupper( $key );
221 if ( isset( $this->headers[$key] ) ) {
222 return $this->headers[$key];
224 return null;
228 * Get the HTTP response code, null if not set
230 * @return int|null
232 public function getStatusCode() {
233 return $this->code;
237 * @param string $name The name of the cookie.
238 * @param string $value The value to be stored in the cookie.
239 * @param int|null $expire Ignored in this faux subclass.
240 * @param array $options Ignored in this faux subclass.
242 public function setCookie( $name, $value, $expire = 0, $options = array() ) {
243 global $wgCookiePath, $wgCookiePrefix, $wgCookieDomain;
244 global $wgCookieSecure, $wgCookieExpiration, $wgCookieHttpOnly;
246 if ( !is_array( $options ) ) {
247 // Backwards compatibility
248 $options = array( 'prefix' => $options );
249 if ( func_num_args() >= 5 ) {
250 $options['domain'] = func_get_arg( 4 );
252 if ( func_num_args() >= 6 ) {
253 $options['secure'] = func_get_arg( 5 );
256 $options = array_filter( $options, function ( $a ) {
257 return $a !== null;
258 } ) + array(
259 'prefix' => $wgCookiePrefix,
260 'domain' => $wgCookieDomain,
261 'path' => $wgCookiePath,
262 'secure' => $wgCookieSecure,
263 'httpOnly' => $wgCookieHttpOnly,
264 'raw' => false,
267 if ( $expire === null ) {
268 $expire = 0; // Session cookie
269 } elseif ( $expire == 0 && $wgCookieExpiration != 0 ) {
270 $expire = time() + $wgCookieExpiration;
273 $this->cookies[$options['prefix'] . $name] = array(
274 'value' => (string)$value,
275 'expire' => (int)$expire,
276 'path' => (string)$options['path'],
277 'domain' => (string)$options['domain'],
278 'secure' => (bool)$options['secure'],
279 'httpOnly' => (bool)$options['httpOnly'],
280 'raw' => (bool)$options['raw'],
285 * @param string $name
286 * @return string|null
288 public function getCookie( $name ) {
289 if ( isset( $this->cookies[$name] ) ) {
290 return $this->cookies[$name]['value'];
292 return null;
296 * @param string $name
297 * @return array|null
299 public function getCookieData( $name ) {
300 if ( isset( $this->cookies[$name] ) ) {
301 return $this->cookies[$name];
303 return null;
307 * @return array
309 public function getCookies() {
310 return $this->cookies;