Timezones
CookieService.php
Go to the documentation of this file.
1<?php
2
3declare(strict_types=1);
4
5/*
6 * This file is part of the package thucke/timezones.
7 *
8 * For the full copyright and license information, please read the
9 * LICENSE file that was distributed with this source code.
10 */
11
12namespace Thucke\Timezones\Service;
13
14use TYPO3\CMS\Core\Exception;
15use TYPO3\CMS\Core\Log\LogLevel;
16use TYPO3\CMS\Core\Utility\GeneralUtility;
17
25class CookieService extends AbstractExtensionService
26{
34 protected function getCookieDomain(): string
35 {
36 $result = '';
37 $cookieDomain = $GLOBALS['TYPO3_CONF_VARS']['SYS']['cookieDomain'];
38 // If a specific cookie domain is defined for a given TYPO3_MODE,
39 // use that domain
40 if (!empty($GLOBALS['TYPO3_CONF_VARS']['FE']['cookieDomain'])) {
41 $cookieDomain = $GLOBALS['TYPO3_CONF_VARS']['FE']['cookieDomain'];
42 }
43 if ($cookieDomain) {
44 if ($cookieDomain[0] === '/') {
45 $match = [];
46 $matchCnt = @preg_match($cookieDomain, GeneralUtility::getIndpEnv('TYPO3_HOST_ONLY'), $match);
47 if ($matchCnt === false) {
48 $this->logger->log(
49 LogLevel::ERROR,
50 'getCookieDomain: The regular expression for the cookie domain contains errors. The session is not shared across sub-domains.',
51 [
52 'cookieDomain' => $cookieDomain,
53 'errorCode' => 1399137882,
54 ]
55 );
56 } elseif ($matchCnt) {
57 $result = $match[0];
58 }
59 } else {
60 $result = $cookieDomain;
61 }
62 }
63
64 return $result;
65 }
66
75 public function clearCookie(string $cookieName): void
76 {
77 setcookie($cookieName);
78 }
79
90 public function setCookie(string $cookieName, string $cookieValue, $cookieExpire = 0): void
91 {
92 // do not set session cookies
93 //\TYPO3\CMS\Extbase\Utility\DebuggerUtility::var_dump(date('H:i:s - m.d.y', $cookieExpire), 'setCookie');
94 if (!empty($cookieExpire)) {
95 $settings = $GLOBALS['TYPO3_CONF_VARS']['SYS'];
96
97 // Get the domain to be used for the cookie (if any):
98 $cookieDomain = $this->getCookieDomain();
99
100 // If no cookie domain is set, use the base path:
102 $cookiePath = ($cookieDomain ? '/' : GeneralUtility::getIndpEnv('TYPO3_SITE_PATH'));
103
104 //TODO - cookieSecure and cookieHttpOnly had been removed in TYPO3 v11
105 // drop special handling when dropping support for TYPO3 <v11
106
107 // Use the secure option when the current request is served by a secure connection:
108 $cookieSecure = false;
109 if (array_key_exists('cookieSecure', $settings)) {
110 $cookieSecure = (bool)$settings['cookieSecure'] && GeneralUtility::getIndpEnv('TYPO3_SSL');
111 }
112 // Deliver cookies only via HTTP and prevent possible XSS by JavaScript:
113 $cookieHttpOnly = true;
114 if (array_key_exists('cookieHttpOnly', $settings)) {
115 $cookieHttpOnly = (bool)$settings['cookieHttpOnly'];
116 }
117
118 // Do not set cookie if cookieSecure is set to "1" (force HTTPS) and no secure channel is used:
119 if (!($cookieSecure xor GeneralUtility::getIndpEnv('TYPO3_SSL'))) {
120 setcookie(
121 $cookieName,
122 $cookieValue,
123 (int)$cookieExpire,
124 $cookiePath,
125 $cookieDomain,
126 $cookieSecure,
127 $cookieHttpOnly
128 );
129 $this->logger->log(
130 LogLevel::INFO,
131 'setCookie: Cookie set',
132 [
133 'cookieName' => $cookieName,
134 'cookieValue' => $cookieValue,
135 'cookieExpire' => $cookieExpire,
136 'cookiePath' => $cookiePath,
137 'cookieDomain' => $cookieDomain,
138 'cookieSecure' => $cookieSecure,
139 'cookieHttpOnly' => $cookieHttpOnly,
140 ]
141 );
142 } else {
143 throw new Exception(
144 'Cookie was not set since HTTPS was forced in $TYPO3_CONF_VARS[SYS][cookieSecure].',
145 1254325546
146 );
147 }
148 }
149 }
150
157 public function getCookie(string $cookieName): ?string
158 {
159 //\TYPO3\CMS\Extbase\Utility\DebuggerUtility::var_dump($_COOKIE[$cookieName],get_class($this).' getCookie');
160 return isset($_COOKIE[$cookieName]) ? stripslashes($_COOKIE[$cookieName]) : null;
161 }
162
170 public function hasCookie(string $cookieName): bool
171 {
172 return !empty($this->getCookie($cookieName));
173 }
174}