function yourls_store_cookie($user = null) { if (!$user) { $pass = null; $time = time() - 3600; } else { global $yourls_user_passwords; if (isset($yourls_user_passwords[$user])) { $pass = $yourls_user_passwords[$user]; } else { die('Stealing cookies?'); // This should never happen } $time = time() + YOURLS_COOKIE_LIFE; } if (!headers_sent()) { setcookie('yourls_username', yourls_salt($user), $time, '/'); setcookie('yourls_password', yourls_salt($pass), $time, '/'); } }
/** * Create a time limited, action limited and user limited token * */ function yourls_create_nonce($action, $user = false) { if (false == $user) { $user = defined('YOURLS_USER') ? YOURLS_USER : '******'; } $tick = yourls_tick(); return substr(yourls_salt($tick . $action . $user), 0, 10); }
function yourls_store_cookie($user = null) { if (!$user) { $pass = null; $time = time() - 3600; } else { global $yourls_user_passwords; if (isset($yourls_user_passwords[$user])) { $pass = $yourls_user_passwords[$user]; } else { die('Stealing cookies?'); // This should never happen } $time = time() + YOURLS_COOKIE_LIFE; } $domain = yourls_apply_filter('setcookie_domain', parse_url(YOURLS_SITE, 1)); $secure = yourls_apply_filter('setcookie_secure', yourls_is_ssl()); $httponly = yourls_apply_filter('setcookie_httponly', true); if (!headers_sent()) { // Set httponly if the php version is >= 5.2.0 if (version_compare(phpversion(), '5.2.0', 'ge')) { setcookie('yourls_username', yourls_salt($user), $time, '/', $domain, $secure, $httponly); setcookie('yourls_password', yourls_salt($pass), $time, '/', $domain, $secure, $httponly); } else { setcookie('yourls_username', yourls_salt($user), $time, '/', $domain, $secure); setcookie('yourls_password', yourls_salt($pass), $time, '/', $domain, $secure); } } }
/** * Get YOURLS cookie name * * The name is unique for each install, to prevent mismatch between sho.rt and very.sho.rt -- see #1673 * * TODO: when multi user is implemented, the whole cookie stuff should be reworked to allow storing multiple users * * @since 1.7.1 * @return string unique cookie name for a given YOURLS site */ function yourls_cookie_name() { return 'yourls_' . yourls_salt(YOURLS_SITE); }
/** * Store new cookie. No $user will delete the cookie. * */ function yourls_store_cookie($user = null) { if (!$user) { $pass = null; $time = time() - 3600; } else { global $yourls_user_passwords; if (isset($yourls_user_passwords[$user])) { $pass = $yourls_user_passwords[$user]; } else { die('Stealing cookies?'); // This should never happen } $time = time() + YOURLS_COOKIE_LIFE; } $domain = yourls_apply_filter('setcookie_domain', parse_url(YOURLS_SITE, 1)); $secure = yourls_apply_filter('setcookie_secure', yourls_is_ssl()); $httponly = yourls_apply_filter('setcookie_httponly', true); // Some browser refuse to store localhost cookie if ($domain == 'localhost') { $domain = ''; } if (!headers_sent($filename, $linenum)) { // Set httponly if the php version is >= 5.2.0 if (version_compare(phpversion(), '5.2.0', 'ge')) { setcookie('yourls_username', yourls_salt($user), $time, '/', $domain, $secure, $httponly); } else { setcookie('yourls_username', yourls_salt($user), $time, '/', $domain, $secure); } } else { // For some reason cookies were not stored: action to be able to debug that yourls_do_action('setcookie_failed', $user); yourls_debug_log("Could not store cookie: headers already sent in {$filename} on line {$linenum}"); } }