1 <?php
2 /**
3 * Part of the Joomla Framework Input Package
4 *
5 * @copyright Copyright (C) 2005 - 2016 Open Source Matters, Inc. All rights reserved.
6 * @license GNU General Public License version 2 or later; see LICENSE
7 */
8
9 namespace Joomla\Input;
10
11 use Joomla\Filter;
12
13 /**
14 * Joomla! Input Cookie Class
15 *
16 * @since 1.0
17 */
18 class Cookie extends Input
19 {
20 /**
21 * Constructor.
22 *
23 * @param array $source Ignored.
24 * @param array $options Array of configuration parameters (Optional)
25 *
26 * @since 1.0
27 */
28 public function __construct(array $source = null, array $options = array())
29 {
30 if (isset($options['filter']))
31 {
32 $this->filter = $options['filter'];
33 }
34 else
35 {
36 $this->filter = new Filter\InputFilter;
37 }
38
39 // Set the data source.
40 $this->data = & $_COOKIE;
41
42 // Set the options for the class.
43 $this->options = $options;
44 }
45
46 /**
47 * Sets a value
48 *
49 * @param string $name Name of the value to set.
50 * @param mixed $value Value to assign to the input.
51 * @param integer $expire The time the cookie expires. This is a Unix timestamp so is in number
52 * of seconds since the epoch. In other words, you'll most likely set this
53 * with the time() function plus the number of seconds before you want it
54 * to expire. Or you might use mktime(). time()+60*60*24*30 will set the
55 * cookie to expire in 30 days. If set to 0, or omitted, the cookie will
56 * expire at the end of the session (when the browser closes).
57 * @param string $path The path on the server in which the cookie will be available on. If set
58 * to '/', the cookie will be available within the entire domain. If set to
59 * '/foo/', the cookie will only be available within the /foo/ directory and
60 * all sub-directories such as /foo/bar/ of domain. The default value is the
61 * current directory that the cookie is being set in.
62 * @param string $domain The domain that the cookie is available to. To make the cookie available
63 * on all subdomains of example.com (including example.com itself) then you'd
64 * set it to '.example.com'. Although some browsers will accept cookies without
65 * the initial ., RFC 2109 requires it to be included. Setting the domain to
66 * 'www.example.com' or '.www.example.com' will make the cookie only available
67 * in the www subdomain.
68 * @param boolean $secure Indicates that the cookie should only be transmitted over a secure HTTPS
69 * connection from the client. When set to TRUE, the cookie will only be set
70 * if a secure connection exists. On the server-side, it's on the programmer
71 * to send this kind of cookie only on secure connection (e.g. with respect
72 * to $_SERVER["HTTPS"]).
73 * @param boolean $httpOnly When TRUE the cookie will be made accessible only through the HTTP protocol.
74 * This means that the cookie won't be accessible by scripting languages, such
75 * as JavaScript. This setting can effectively help to reduce identity theft
76 * through XSS attacks (although it is not supported by all browsers).
77 *
78 * @return void
79 *
80 * @link http://www.ietf.org/rfc/rfc2109.txt
81 * @see setcookie()
82 * @since 1.0
83 */
84 public function set($name, $value, $expire = 0, $path = '', $domain = '', $secure = false, $httpOnly = false)
85 {
86 setcookie($name, $value, $expire, $path, $domain, $secure, $httpOnly);
87
88 $this->data[$name] = $value;
89 }
90 }
91