/usr/share/php/kohana3.2/system/classes/kohana/cookie.php is in libkohana3.2-core-php 3.2.2-1.
This file is owned by root:root, with mode 0o644.
The actual contents of the file can be viewed below.
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 | <?php defined('SYSPATH') or die('No direct script access.');
/**
* Cookie helper.
*
* @package Kohana
* @category Helpers
* @author Kohana Team
* @copyright (c) 2008-2012 Kohana Team
* @license http://kohanaframework.org/license
*/
class Kohana_Cookie {
/**
* @var string Magic salt to add to the cookie
*/
public static $salt = NULL;
/**
* @var integer Number of seconds before the cookie expires
*/
public static $expiration = 0;
/**
* @var string Restrict the path that the cookie is available to
*/
public static $path = '/';
/**
* @var string Restrict the domain that the cookie is available to
*/
public static $domain = NULL;
/**
* @var boolean Only transmit cookies over secure connections
*/
public static $secure = FALSE;
/**
* @var boolean Only transmit cookies over HTTP, disabling Javascript access
*/
public static $httponly = FALSE;
/**
* Gets the value of a signed cookie. Cookies without signatures will not
* be returned. If the cookie signature is present, but invalid, the cookie
* will be deleted.
*
* // Get the "theme" cookie, or use "blue" if the cookie does not exist
* $theme = Cookie::get('theme', 'blue');
*
* @param string $key cookie name
* @param mixed $default default value to return
* @return string
*/
public static function get($key, $default = NULL)
{
if ( ! isset($_COOKIE[$key]))
{
// The cookie does not exist
return $default;
}
// Get the cookie value
$cookie = $_COOKIE[$key];
// Find the position of the split between salt and contents
$split = strlen(Cookie::salt($key, NULL));
if (isset($cookie[$split]) AND $cookie[$split] === '~')
{
// Separate the salt and the value
list ($hash, $value) = explode('~', $cookie, 2);
if (Cookie::salt($key, $value) === $hash)
{
// Cookie signature is valid
return $value;
}
// The cookie signature is invalid, delete it
Cookie::delete($key);
}
return $default;
}
/**
* Sets a signed cookie. Note that all cookie values must be strings and no
* automatic serialization will be performed!
*
* // Set the "theme" cookie
* Cookie::set('theme', 'red');
*
* @param string $name name of cookie
* @param string $value value of cookie
* @param integer $expiration lifetime in seconds
* @return boolean
* @uses Cookie::salt
*/
public static function set($name, $value, $expiration = NULL)
{
if ($expiration === NULL)
{
// Use the default expiration
$expiration = Cookie::$expiration;
}
if ($expiration !== 0)
{
// The expiration is expected to be a UNIX timestamp
$expiration += time();
}
// Add the salt to the cookie value
$value = Cookie::salt($name, $value).'~'.$value;
return setcookie($name, $value, $expiration, Cookie::$path, Cookie::$domain, Cookie::$secure, Cookie::$httponly);
}
/**
* Deletes a cookie by making the value NULL and expiring it.
*
* Cookie::delete('theme');
*
* @param string $name cookie name
* @return boolean
* @uses Cookie::set
*/
public static function delete($name)
{
// Remove the cookie
unset($_COOKIE[$name]);
// Nullify the cookie and make it expire
return setcookie($name, NULL, -86400, Cookie::$path, Cookie::$domain, Cookie::$secure, Cookie::$httponly);
}
/**
* Generates a salt string for a cookie based on the name and value.
*
* $salt = Cookie::salt('theme', 'red');
*
* @param string $name name of cookie
* @param string $value value of cookie
* @return string
*/
public static function salt($name, $value)
{
// Require a valid salt
if ( ! Cookie::$salt)
{
throw new Kohana_Exception('A valid cookie salt is required. Please set Cookie::$salt.');
}
// Determine the user agent
$agent = isset($_SERVER['HTTP_USER_AGENT']) ? strtolower($_SERVER['HTTP_USER_AGENT']) : 'unknown';
return sha1($agent.$name.$value.Cookie::$salt);
}
} // End cookie
|