Cookie
in package
Represents a cookie.
Table of Contents
Properties
- $custom_data : mixed
- $default_domain : string
- $default_path : string
- $domain : string
- $expires : int
- $hash : string
- $httponly : bool
- $member : int
- $name : string
- $path : string
- $samesite : string
- $secure : bool
Methods
- __construct() : mixed
- Constructor.
- encrypt() : string
- Hashes password with salt and authentication secret.
- getCookie() : object|null
- Constructs an instance of this class for a cookie that was sent to the server by the client.
- set() : bool
- A wrapper for setcookie that gives integration hooks access to it.
- setDefaults() : void
- Sets the values of self::$default_domain and self::$default_path.
- setLoginCookie() : void
- Sets the SMF-style login cookie and session based on the id_member and password passed.
- setTFACookie() : void
- Sets the Two Factor Authentication cookie.
- urlParts() : array<string|int, mixed>
- Get the domain and path for the cookie.
Properties
$custom_data
public
mixed
$custom_data
Arbitrary data to include in the cookie.
MOD AUTHORS: if you want to add data to the cookie, this is the place.
$default_domain
public
static string
$default_domain
The domain of the site where the cookie is used. This is normally the domain name of the forum's site.
$default_path
public
static string
$default_path
The path to the part of the site where the cookie is used. This is normally the URL path to the forum.
$domain
public
string
$domain
The domain of the site where the cookie is used. This is normally the domain name of the forum's site.
$expires
public
int
$expires
UNIX timestamp of the expiry date of the cookie.
$hash
public
string
$hash
Hashed password or TFA secret, or '' when forcing a logout.
Only normally used for login and TFA cookies. This is an HMAC hash of an already hashed value.
$httponly
public
bool
$httponly
Whether the cookie can only be used for HTTP requests.
$member
public
int
$member
The member this cookie is for.
Only normally used for login and TFA cookies. Either User::$me->id, or 0 when forcing a logout.
$name
public
string
$name
The name of the cookie.
$path
public
string
$path
The path to the part of the site where the cookie is used. This is normally the URL path to the forum.
$samesite
public
string
$samesite
Value for the cookie's 'SameSite' attribute.
$secure
public
bool
$secure
Whether the cookie must be secure.
Methods
__construct()
Constructor.
public
__construct([string $name = null ][, mixed $custom_data = null ][, int $expires = null ][, string $domain = null ][, string $path = null ][, bool $secure = null ][, bool $httponly = null ][, string $samesite = null ]) : mixed
Parameters
- $name : string = null
-
Name of the cookie.
- $custom_data : mixed = null
-
Data to include in the cookie.
- $expires : int = null
-
When the cookie expires. If not set, determined automatically.
- $domain : string = null
-
The domain of the site where the cookie is used. If not set, determined automatically.
- $path : string = null
-
The part of the site where the cookie is used. If not set, determined automatically.
- $secure : bool = null
-
Whether cookie must be secure. If not set, determined by Config::$modSettings['secureCookies'].
- $httponly : bool = null
-
Whether cookie can only be used for HTTP requests. If not set, determined by Config::$modSettings['httponlyCookies'].
- $samesite : string = null
-
Value for the cookie's 'SameSite' attribute. If not set, determined by Config::$modSettings['samesiteCookies'].
encrypt()
Hashes password with salt and authentication secret.
public
static encrypt(string $password, string $salt) : string
This is solely used for cookies.
Parameters
- $password : string
-
The password.
- $salt : string
-
The salt.
Return values
string —The hashed password.
getCookie()
Constructs an instance of this class for a cookie that was sent to the server by the client.
public
static getCookie(string $name) : object|null
Parameters
- $name : string
-
The name of the cookie.
Return values
object|null —An instance of this class for the cookie, or null if no cookie with that name was sent by the client.
set()
A wrapper for setcookie that gives integration hooks access to it.
public
set() : bool
Return values
boolsetDefaults()
Sets the values of self::$default_domain and self::$default_path.
public
static setDefaults() : void
setLoginCookie()
Sets the SMF-style login cookie and session based on the id_member and password passed.
public
static setLoginCookie(int $cookie_length, int $id[, string $password = '' ]) : void
- password should be already encrypted with the cookie salt.
- logs the user out if id_member is zero.
- sets the cookie and session to last the number of seconds specified by cookie_length, or ends them if cookie_length is less than 0.
- when logging out, if the globalCookies setting is enabled, attempts to clear the subdomain's cookie too.
Parameters
- $cookie_length : int
-
How many seconds the cookie should last. If negative, forces logout.
- $id : int
-
The ID of the member to set the cookie for
- $password : string = ''
-
The hashed password
setTFACookie()
Sets the Two Factor Authentication cookie.
public
static setTFACookie(int $cookie_length, int $id, string $secret) : void
Parameters
- $cookie_length : int
-
How long the cookie should last, in seconds.
- $id : int
-
The ID of the member.
- $secret : string
-
Should be a salted secret using self::encrypt().
urlParts()
Get the domain and path for the cookie.
public
static urlParts(bool $use_local, bool $use_global) : array<string|int, mixed>
Normally, local and global should be the localCookies and globalCookies settings, respectively.
Uses $boardurl to determine these two things.
Parameters
- $use_local : bool
-
Whether we want local cookies.
- $use_global : bool
-
Whether we want global cookies.
Return values
array<string|int, mixed> —The domain and path for the cookie, in that order.