123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223224225226227228229230231232233234235236237238239240241242243244245246247248249250251252253254255256257258259260261262263264265266267268269270271272273274275276277278279280281282283284285286287288289 |
- <?php
- /*
- * This file is part of the Symfony package.
- *
- * (c) Fabien Potencier <fabien@symfony.com>
- *
- * For the full copyright and license information, please view the LICENSE
- * file that was distributed with this source code.
- */
- namespace Symfony\Component\HttpFoundation;
- /**
- * Represents a cookie.
- *
- * @author Johannes M. Schmitt <schmittjoh@gmail.com>
- */
- class Cookie
- {
- protected $name;
- protected $value;
- protected $domain;
- protected $expire;
- protected $path;
- protected $secure;
- protected $httpOnly;
- private $raw;
- private $sameSite;
- const SAMESITE_LAX = 'lax';
- const SAMESITE_STRICT = 'strict';
- /**
- * Creates cookie from raw header string.
- *
- * @param string $cookie
- * @param bool $decode
- *
- * @return static
- */
- public static function fromString($cookie, $decode = false)
- {
- $data = array(
- 'expires' => 0,
- 'path' => '/',
- 'domain' => null,
- 'secure' => false,
- 'httponly' => false,
- 'raw' => !$decode,
- 'samesite' => null,
- );
- foreach (explode(';', $cookie) as $part) {
- if (false === strpos($part, '=')) {
- $key = trim($part);
- $value = true;
- } else {
- list($key, $value) = explode('=', trim($part), 2);
- $key = trim($key);
- $value = trim($value);
- }
- if (!isset($data['name'])) {
- $data['name'] = $decode ? urldecode($key) : $key;
- $data['value'] = true === $value ? null : ($decode ? urldecode($value) : $value);
- continue;
- }
- switch ($key = strtolower($key)) {
- case 'name':
- case 'value':
- break;
- case 'max-age':
- $data['expires'] = time() + (int) $value;
- break;
- default:
- $data[$key] = $value;
- break;
- }
- }
- return new static($data['name'], $data['value'], $data['expires'], $data['path'], $data['domain'], $data['secure'], $data['httponly'], $data['raw'], $data['samesite']);
- }
- /**
- * @param string $name The name of the cookie
- * @param string|null $value The value of the cookie
- * @param int|string|\DateTimeInterface $expire The time the cookie expires
- * @param string $path The path on the server in which the cookie will be available on
- * @param string|null $domain The domain that the cookie is available to
- * @param bool $secure Whether the cookie should only be transmitted over a secure HTTPS connection from the client
- * @param bool $httpOnly Whether the cookie will be made accessible only through the HTTP protocol
- * @param bool $raw Whether the cookie value should be sent with no url encoding
- * @param string|null $sameSite Whether the cookie will be available for cross-site requests
- *
- * @throws \InvalidArgumentException
- */
- public function __construct($name, $value = null, $expire = 0, $path = '/', $domain = null, $secure = false, $httpOnly = true, $raw = false, $sameSite = null)
- {
- // from PHP source code
- if (preg_match("/[=,; \t\r\n\013\014]/", $name)) {
- throw new \InvalidArgumentException(sprintf('The cookie name "%s" contains invalid characters.', $name));
- }
- if (empty($name)) {
- throw new \InvalidArgumentException('The cookie name cannot be empty.');
- }
- // convert expiration time to a Unix timestamp
- if ($expire instanceof \DateTimeInterface) {
- $expire = $expire->format('U');
- } elseif (!is_numeric($expire)) {
- $expire = strtotime($expire);
- if (false === $expire) {
- throw new \InvalidArgumentException('The cookie expiration time is not valid.');
- }
- }
- $this->name = $name;
- $this->value = $value;
- $this->domain = $domain;
- $this->expire = 0 < $expire ? (int) $expire : 0;
- $this->path = empty($path) ? '/' : $path;
- $this->secure = (bool) $secure;
- $this->httpOnly = (bool) $httpOnly;
- $this->raw = (bool) $raw;
- if (null !== $sameSite) {
- $sameSite = strtolower($sameSite);
- }
- if (!in_array($sameSite, array(self::SAMESITE_LAX, self::SAMESITE_STRICT, null), true)) {
- throw new \InvalidArgumentException('The "sameSite" parameter value is not valid.');
- }
- $this->sameSite = $sameSite;
- }
- /**
- * Returns the cookie as a string.
- *
- * @return string The cookie
- */
- public function __toString()
- {
- $str = ($this->isRaw() ? $this->getName() : urlencode($this->getName())).'=';
- if ('' === (string) $this->getValue()) {
- $str .= 'deleted; expires='.gmdate('D, d-M-Y H:i:s T', time() - 31536001).'; max-age=-31536001';
- } else {
- $str .= $this->isRaw() ? $this->getValue() : rawurlencode($this->getValue());
- if (0 !== $this->getExpiresTime()) {
- $str .= '; expires='.gmdate('D, d-M-Y H:i:s T', $this->getExpiresTime()).'; max-age='.$this->getMaxAge();
- }
- }
- if ($this->getPath()) {
- $str .= '; path='.$this->getPath();
- }
- if ($this->getDomain()) {
- $str .= '; domain='.$this->getDomain();
- }
- if (true === $this->isSecure()) {
- $str .= '; secure';
- }
- if (true === $this->isHttpOnly()) {
- $str .= '; httponly';
- }
- if (null !== $this->getSameSite()) {
- $str .= '; samesite='.$this->getSameSite();
- }
- return $str;
- }
- /**
- * Gets the name of the cookie.
- *
- * @return string
- */
- public function getName()
- {
- return $this->name;
- }
- /**
- * Gets the value of the cookie.
- *
- * @return string|null
- */
- public function getValue()
- {
- return $this->value;
- }
- /**
- * Gets the domain that the cookie is available to.
- *
- * @return string|null
- */
- public function getDomain()
- {
- return $this->domain;
- }
- /**
- * Gets the time the cookie expires.
- *
- * @return int
- */
- public function getExpiresTime()
- {
- return $this->expire;
- }
- /**
- * Gets the max-age attribute.
- *
- * @return int
- */
- public function getMaxAge()
- {
- return 0 !== $this->expire ? $this->expire - time() : 0;
- }
- /**
- * Gets the path on the server in which the cookie will be available on.
- *
- * @return string
- */
- public function getPath()
- {
- return $this->path;
- }
- /**
- * Checks whether the cookie should only be transmitted over a secure HTTPS connection from the client.
- *
- * @return bool
- */
- public function isSecure()
- {
- return $this->secure;
- }
- /**
- * Checks whether the cookie will be made accessible only through the HTTP protocol.
- *
- * @return bool
- */
- public function isHttpOnly()
- {
- return $this->httpOnly;
- }
- /**
- * Whether this cookie is about to be cleared.
- *
- * @return bool
- */
- public function isCleared()
- {
- return $this->expire < time();
- }
- /**
- * Checks if the cookie value should be sent with no url encoding.
- *
- * @return bool
- */
- public function isRaw()
- {
- return $this->raw;
- }
- /**
- * Gets the SameSite attribute.
- *
- * @return string|null
- */
- public function getSameSite()
- {
- return $this->sameSite;
- }
- }
|