merged skunkworks into develop.
This commit is contained in:
Taylor Otwell
@@ -1,8 +1,10 @@
|
||||
<?php namespace Laravel; use Closure;
|
||||
<?php namespace Laravel; defined('APP_PATH') or die('No direct script access.');
|
||||
|
||||
if (trim(Config::$items['application']['key']) === '')
|
||||
use Closure;
|
||||
|
||||
if (trim(Config::get('application.key')) === '')
|
||||
{
|
||||
throw new \LogicException('The cookie class may not be used without an application key.');
|
||||
throw new \Exception('The cookie class may not be used without an application key.');
|
||||
}
|
||||
|
||||
class Cookie {
|
||||
@@ -21,59 +23,54 @@ class Cookie {
|
||||
/**
|
||||
* Get the value of a cookie.
|
||||
*
|
||||
* <code>
|
||||
* // Get the value of the "favorite" cookie
|
||||
* $favorite = Cookie::get('favorite');
|
||||
*
|
||||
* // Get the value of a cookie or return a default value if it doesn't exist
|
||||
* $favorite = Cookie::get('framework', 'Laravel');
|
||||
* </code>
|
||||
*
|
||||
* @param string $name
|
||||
* @param mixed $default
|
||||
* @return string
|
||||
*/
|
||||
public static function get($name, $default = null)
|
||||
{
|
||||
$value = Arr::get($_COOKIE, $name);
|
||||
$value = array_get($_COOKIE, $name);
|
||||
|
||||
if ( ! is_null($value))
|
||||
if ( ! is_null($value) and isset($value[40]) and $value[40] == '~')
|
||||
{
|
||||
// All Laravel managed cookies are "signed" with a fingerprint hash.
|
||||
// The hash serves to verify that the contents of the cookie have not
|
||||
// been modified by the user. We can verify the integrity of the cookie
|
||||
// by extracting the value and re-hashing it, then comparing that hash
|
||||
// against the hash stored in the cookie.
|
||||
if (isset($value[40]) and $value[40] === '~')
|
||||
{
|
||||
list($hash, $value) = explode('~', $value, 2);
|
||||
// The hash signature and the cookie value are separated by a tilde
|
||||
// character for convenience. To separate the hash and the contents
|
||||
// we can simply expode on that character.
|
||||
//
|
||||
// By re-feeding the cookie value into the "sign" method, we should
|
||||
// be able to generate a hash that matches the one taken out of the
|
||||
// cookie. If they don't match, the cookie value has been changed.
|
||||
list($hash, $value) = explode('~', $value, 2);
|
||||
|
||||
if (static::hash($name, $value) === $hash)
|
||||
{
|
||||
return $value;
|
||||
}
|
||||
if (static::hash($name, $value) === $hash)
|
||||
{
|
||||
return $value;
|
||||
}
|
||||
}
|
||||
|
||||
return ($default instanceof Closure) ? call_user_func($default) : $default;
|
||||
return value($default);
|
||||
}
|
||||
|
||||
/**
|
||||
* Set a "permanent" cookie. The cookie will last for one year.
|
||||
* Set the value of a cookie.
|
||||
*
|
||||
* @param string $name
|
||||
* @param string $value
|
||||
* @param string $path
|
||||
* @param string $domain
|
||||
* @param bool $secure
|
||||
* @param bool $http_only
|
||||
* @return bool
|
||||
*/
|
||||
public static function forever($name, $value, $path = '/', $domain = null, $secure = false, $http_only = false)
|
||||
{
|
||||
return static::put($name, $value, 525600, $path, $domain, $secure, $http_only);
|
||||
}
|
||||
|
||||
/**
|
||||
* Set the value of a cookie.
|
||||
* If the response headers have already been sent, the cookie will not be set.
|
||||
*
|
||||
* If a negative number of minutes is specified, the cookie will be deleted.
|
||||
* <code>
|
||||
* // Set the value of the "favorite" cookie
|
||||
* Cookie::put('favorite', 'Laravel');
|
||||
*
|
||||
* This method's signature is very similar to the PHP setcookie method.
|
||||
* However, you simply need to pass the number of minutes for which you
|
||||
* wish the cookie to be valid. No funky time calculation is required.
|
||||
* // Set the value of the "favorite" cookie for twenty minutes
|
||||
* Cookie::put('favorite', 'Laravel', 20);
|
||||
* </code>
|
||||
*
|
||||
* @param string $name
|
||||
* @param string $value
|
||||
@@ -81,39 +78,51 @@ class Cookie {
|
||||
* @param string $path
|
||||
* @param string $domain
|
||||
* @param bool $secure
|
||||
* @param bool $http_only
|
||||
* @return bool
|
||||
*/
|
||||
public static function put($name, $value, $minutes = 0, $path = '/', $domain = null, $secure = false, $http_only = false)
|
||||
public static function put($name, $value, $minutes = 0, $path = '/', $domain = null, $secure = false)
|
||||
{
|
||||
if (headers_sent()) return false;
|
||||
|
||||
$time = ($minutes !== 0) ? time() + ($minutes * 60) : 0;
|
||||
|
||||
$value = static::hash($name, $value).'~'.$value;
|
||||
|
||||
if ($minutes < 0)
|
||||
{
|
||||
unset($_COOKIE[$name]);
|
||||
}
|
||||
else
|
||||
{
|
||||
$_COOKIE[$name] = $value;
|
||||
}
|
||||
|
||||
return setcookie($name, $value, $time, $path, $domain, $secure, $http_only);
|
||||
return setcookie($name, static::sign($name, $value), $time, $path, $domain, $secure);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate a cookie hash.
|
||||
* Set a "permanent" cookie. The cookie will last for one year.
|
||||
*
|
||||
* Cookie salts are used to verify that the contents of the cookie have not
|
||||
* been modified by the user, since they serve as a fingerprint of the cookie
|
||||
* contents. The application key is used to salt the salts.
|
||||
* <code>
|
||||
* // Set a cookie that should last one year
|
||||
* Cookie::forever('favorite', 'Blue');
|
||||
* </code>
|
||||
*
|
||||
* When the cookie is read using the "get" method, the value will be extracted
|
||||
* from the cookie and hashed, if the hash in the cookie and the hashed value
|
||||
* do not match, we know the cookie has been changed on the client.
|
||||
* @param string $name
|
||||
* @param string $value
|
||||
* @param string $path
|
||||
* @param string $domain
|
||||
* @param bool $secure
|
||||
* @return bool
|
||||
*/
|
||||
public static function forever($name, $value, $path = '/', $domain = null, $secure = false)
|
||||
{
|
||||
return static::put($name, $value, 525600, $path, $domain, $secure);
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate a cookie signature based on the contents.
|
||||
*
|
||||
* @param string $name
|
||||
* @param string $value
|
||||
* @return string
|
||||
*/
|
||||
protected static function sign($name, $value)
|
||||
{
|
||||
return static::hash($name, $value).'~'.$value;
|
||||
}
|
||||
|
||||
/**
|
||||
* Generate a cookie hash based on the contents.
|
||||
*
|
||||
* @param string $name
|
||||
* @param string $value
|
||||
@@ -121,7 +130,7 @@ class Cookie {
|
||||
*/
|
||||
protected static function hash($name, $value)
|
||||
{
|
||||
return sha1($name.$value.Config::$items['application']['key']);
|
||||
return sha1($name.$value.Config::get('application.key'));
|
||||
}
|
||||
|
||||
/**
|
||||
@@ -131,12 +140,11 @@ class Cookie {
|
||||
* @param string $path
|
||||
* @param string $domain
|
||||
* @param bool $secure
|
||||
* @param bool $http_only
|
||||
* @return bool
|
||||
*/
|
||||
public static function forget($name, $path = '/', $domain = null, $secure = false, $http_only = false)
|
||||
public static function forget($name, $path = '/', $domain = null, $secure = false)
|
||||
{
|
||||
return static::put($name, null, -2000, $path, $domain, $secure, $http_only);
|
||||
return static::put($name, null, -2000, $path, $domain, $secure);
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user