php/external/Zend/Http/Cookie.php

   1 <?php
   2 /**
   3  * Zend Framework
   4  *
   5  * LICENSE
   6  *
   7  * This source file is subject to version 1.0 of the Zend Framework
   8  * license, that is bundled with this package in the file LICENSE.txt,
   9  * and is available through the world-wide-web at the following URL:
  10  * http://framework.zend.com/license/new-bsd. If you did not
  11  * receive a copy of the Zend Framework license and are unable to
  12  * obtain it through the world-wide-web, please send a note to
  13  * license@zend.com so we can mail you a copy immediately.
  14  *
  15  * @category   Zend
  16  * @package    Zend_Http
  17  * @subpackage Cookie
  18  * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com/)
  19  * @version    $Id: Cookie.php 8064 2008-02-16 10:58:39Z thomas $
  20  * @license    http://framework.zend.com/license/new-bsd     New BSD License
  21  */
  22
  23 require_once 'external/Zend/Uri/Http.php';
  24
  25 /**
  26  * Zend_Http_Cookie is a class describing an HTTP cookie and all it's parameters.
  27  *
  28  * Zend_Http_Cookie is a class describing an HTTP cookie and all it's parameters. The
  29  * class also enables validating whether the cookie should be sent to the server in
  30  * a specified scenario according to the request URI, the expiry time and whether
  31  * session cookies should be used or not. Generally speaking cookies should be
  32  * contained in a Cookiejar object, or instantiated manually and added to an HTTP
  33  * request.
  34  *
  35  * See http://wp.netscape.com/newsref/std/cookie_spec.html for some specs.
  36  *
  37  * @category    Zend
  38  * @package     Zend_Http
  39  * @copyright  Copyright (c) 2005-2008 Zend Technologies USA Inc. (http://www.zend.com/)
  40  * @license    http://framework.zend.com/license/new-bsd     New BSD License
  41  */
  42 class Zend_Http_Cookie {
  43   /**
  44    * Cookie name
  45    *
  46    * @var string
  47    */
  48   protected $name;
  49
  50   /**
  51    * Cookie value
  52    *
  53    * @var string
  54    */
  55   protected $value;
  56
  57   /**
  58    * Cookie expiry date
  59    *
  60    * @var int
  61    */
  62   protected $expires;
  63
  64   /**
  65    * Cookie domain
  66    *
  67    * @var string
  68    */
  69   protected $domain;
  70
  71   /**
  72    * Cookie path
  73    *
  74    * @var string
  75    */
  76   protected $path;
  77
  78   /**
  79    * Whether the cookie is secure or not
  80    *
  81    * @var boolean
  82    */
  83   protected $secure;
  84
  85   /**
  86    * Cookie object constructor
  87    *
  88    * @todo Add validation of each one of the parameters (legal domain, etc.)
  89    *
  90    * @param string $name
  91    * @param string $value
  92    * @param int $expires
  93    * @param string $domain
  94    * @param string $path
  95    * @param bool $secure
  96    */
  97   public function __construct($name, $value, $domain, $expires = null, $path = null, $secure = false) {
  98     if (preg_match("/[=,; \t\r\n\013\014]/", $name)) {
  99       require_once 'external/Zend/Http/Exception.php';
 100       throw new Zend_Http_Exception("Cookie name cannot contain these characters: =,; \\t\\r\\n\\013\\014 ({$name})");
 101     }
 102
 103     if (! $this->name = (string)$name) {
 104       require_once 'external/Zend/Http/Exception.php';
 105       throw new Zend_Http_Exception('Cookies must have a name');
 106     }
 107
 108     if (! $this->domain = (string)$domain) {
 109       require_once 'external/Zend/Http/Exception.php';
 110       throw new Zend_Http_Exception('Cookies must have a domain');
 111     }
 112
 113     $this->value = (string)$value;
 114     $this->expires = ($expires === null ? null : (int)$expires);
 115     $this->path = ($path ? $path : '/');
 116     $this->secure = $secure;
 117   }
 118
 119   /**
 120    * Get Cookie name
 121    *
 122    * @return string
 123    */
 124   public function getName() {
 125     return $this->name;
 126   }
 127
 128   /**
 129    * Get cookie value
 130    *
 131    * @return string
 132    */
 133   public function getValue() {
 134     return $this->value;
 135   }
 136
 137   /**
 138    * Get cookie domain
 139    *
 140    * @return string
 141    */
 142   public function getDomain() {
 143     return $this->domain;
 144   }
 145
 146   /**
 147    * Get the cookie path
 148    *
 149    * @return string
 150    */
 151   public function getPath() {
 152     return $this->path;
 153   }
 154
 155   /**
 156    * Get the expiry time of the cookie, or null if no expiry time is set
 157    *
 158    * @return int|null
 159    */
 160   public function getExpiryTime() {
 161     return $this->expires;
 162   }
 163
 164   /**
 165    * Check whether the cookie should only be sent over secure connections
 166    *
 167    * @return boolean
 168    */
 169   public function isSecure() {
 170     return $this->secure;
 171   }
 172
 173   /**
 174    * Check whether the cookie has expired
 175    *
 176    * Always returns false if the cookie is a session cookie (has no expiry time)
 177    *
 178    * @param int $now Timestamp to consider as "now"
 179    * @return boolean
 180    */
 181   public function isExpired($now = null) {
 182     if ($now === null) $now = time();
 183     if (is_int($this->expires) && $this->expires < $now) {
 184       return true;
 185     } else {
 186       return false;
 187     }
 188   }
 189
 190   /**
 191    * Check whether the cookie is a session cookie (has no expiry time set)
 192    *
 193    * @return boolean
 194    */
 195   public function isSessionCookie() {
 196     return ($this->expires === null);
 197   }
 198
 199   /**
 200    * Checks whether the cookie should be sent or not in a specific scenario
 201    *
 202    * @param string|Zend_Uri_Http $uri URI to check against (secure, domain, path)
 203    * @param boolean $matchSessionCookies Whether to send session cookies
 204    * @param int $now Override the current time when checking for expiry time
 205    * @return boolean
 206    */
 207   public function match($uri, $matchSessionCookies = true, $now = null) {
 208     if (is_string($uri)) {
 209       $uri = Zend_Uri_Http::factory($uri);
 210     }
 211
 212     // Make sure we have a valid Zend_Uri_Http object
 213     if (! ($uri->valid() && ($uri->getScheme() == 'http' || $uri->getScheme() == 'https'))) {
 214       require_once 'external/Zend/Http/Exception.php';
 215       throw new Zend_Http_Exception('Passed URI is not a valid HTTP or HTTPS URI');
 216     }
 217
 218     // Check that the cookie is secure (if required) and not expired
 219     if ($this->secure && $uri->getScheme() != 'https') return false;
 220     if ($this->isExpired($now)) return false;
 221     if ($this->isSessionCookie() && ! $matchSessionCookies) return false;
 222
 223     // Validate domain and path
 224     // Domain is validated using tail match, while path is validated using head match
 225     $domain_preg = preg_quote($this->getDomain(), "/");
 226     if (! preg_match("/{$domain_preg}$/", $uri->getHost())) return false;
 227     $path_preg = preg_quote($this->getPath(), "/");
 228     if (! preg_match("/^{$path_preg}/", $uri->getPath())) return false;
 229
 230     // If we didn't die until now, return true.
 231     return true;
 232   }
 233
 234   /**
 235    * Get the cookie as a string, suitable for sending as a "Cookie" header in an
 236    * HTTP request
 237    *
 238    * @return string
 239    */
 240   public function __toString() {
 241     return $this->name . '=' . urlencode($this->value) . ';';
 242   }
 243
 244   /**
 245    * Generate a new Cookie object from a cookie string
 246    * (for example the value of the Set-Cookie HTTP header)
 247    *
 248    * @param string $cookieStr
 249    * @param Zend_Uri_Http|string $ref_uri Reference URI for default values (domain, path)
 250    * @return Zend_Http_Cookie A new Zend_Http_Cookie object or false on failure.
 251    */
 252   public static function fromString($cookieStr, $ref_uri = null) {
 253     // Set default values
 254     if (is_string($ref_uri)) {
 255       $ref_uri = Zend_Uri_Http::factory($ref_uri);
 256     }
 257
 258     $name = '';
 259     $value = '';
 260     $domain = '';
 261     $path = '';
 262     $expires = null;
 263     $secure = false;
 264     $parts = explode(';', $cookieStr);
 265
 266     // If first part does not include '=', fail
 267     if (strpos($parts[0], '=') === false) return false;
 268
 269     // Get the name and value of the cookie
 270     list($name, $value) = explode('=', trim(array_shift($parts)), 2);
 271     $name = trim($name);
 272     $value = urldecode(trim($value));
 273
 274     // Set default domain and path
 275     if ($ref_uri instanceof Zend_Uri_Http) {
 276       $domain = $ref_uri->getHost();
 277       $path = $ref_uri->getPath();
 278       $path = substr($path, 0, strrpos($path, '/'));
 279     }
 280
 281     // Set other cookie parameters
 282     foreach ($parts as $part) {
 283       $part = trim($part);
 284       if (strtolower($part) == 'secure') {
 285         $secure = true;
 286         continue;
 287       }
 288
 289       $keyValue = explode('=', $part, 2);
 290       if (count($keyValue) == 2) {
 291         list($k, $v) = $keyValue;
 292         switch (strtolower($k)) {
 293           case 'expires':
 294             $expires = strtotime($v);
 295             break;
 296           case 'path':
 297             $path = $v;
 298             break;
 299           case 'domain':
 300             $domain = $v;
 301             break;
 302           default:
 303             break;
 304         }
 305       }
 306     }
 307
 308     if ($name !== '') {
 309       return new Zend_Http_Cookie($name, $value, $domain, $expires, $path, $secure);
 310     } else {
 311       return false;
 312     }
 313   }
 314 }