/**
* Set the browser cookie
* @param string $name name of cookie
* @param string $value value to give cookie
* @param int|null $expire Unix timestamp (in seconds) when the cookie should expire.
* 0 (the default) causes it to expire $wgCookieExpiration seconds from now.
* null causes it to be a session cookie.
* @param array $options Assoc of additional cookie options:
* prefix: string, name prefix ($wgCookiePrefix)
* domain: string, cookie domain ($wgCookieDomain)
* path: string, cookie path ($wgCookiePath)
* secure: bool, secure attribute ($wgCookieSecure)
* httpOnly: bool, httpOnly attribute ($wgCookieHttpOnly)
* raw: bool, if true uses PHP's setrawcookie() instead of setcookie()
* For backwards compatability, if $options is not an array then it and
* the following two parameters will be interpreted as values for
* 'prefix', 'domain', and 'secure'
* @since 1.22 Replaced $prefix, $domain, and $forceSecure with $options
*/
public function setcookie($name, $value, $expire = 0, $options = null)
{
global $wgCookiePath, $wgCookiePrefix, $wgCookieDomain;
global $wgCookieSecure, $wgCookieExpiration, $wgCookieHttpOnly;
if (!is_array($options)) {
// Backwards compatability
$options = array('prefix' => $options);
if (func_num_args() >= 5) {
$options['domain'] = func_get_arg(4);
}
if (func_num_args() >= 6) {
$options['secure'] = func_get_arg(5);
}
}
$options = array_filter($options, function ($a) {
return $a !== null;
}) + array('prefix' => $wgCookiePrefix, 'domain' => $wgCookieDomain, 'path' => $wgCookiePath, 'secure' => $wgCookieSecure, 'httpOnly' => $wgCookieHttpOnly, 'raw' => false);
if ($expire === null) {
$expire = 0;
// Session cookie
} elseif ($expire == 0 && $wgCookieExpiration != 0) {
$expire = time() + $wgCookieExpiration;
}
// Don't mark the cookie as httpOnly if the requesting user-agent is
// known to have trouble with httpOnly cookies.
if (!wfHttpOnlySafe()) {
$options['httpOnly'] = false;
}
$func = $options['raw'] ? 'setrawcookie' : 'setcookie';
if (wfRunHooks('WebResponseSetCookie', array(&$name, &$value, &$expire, $options))) {
wfDebugLog('cookie', $func . ': "' . implode('", "', array($options['prefix'] . $name, $value, $expire, $options['path'], $options['domain'], $options['secure'], $options['httpOnly'])) . '"');
call_user_func($func, $options['prefix'] . $name, $value, $expire, $options['path'], $options['domain'], $options['secure'], $options['httpOnly']);
}
}
/**
* Set the browser cookie
* @param string $name name of cookie
* @param string $value value to give cookie
* @param int $expire Unix timestamp (in seconds) when the cookie should expire.
* 0 (the default) causes it to expire $wgCookieExpiration seconds from now.
* @param string $prefix Prefix to use, if not $wgCookiePrefix (use '' for no prefix)
* @param string $domain Cookie domain to use, if not $wgCookieDomain
* @param $forceSecure Bool:
* true: force the cookie to be set with the secure attribute
* false: force the cookie to be set without the secure attribute
* null: use the value from $wgCookieSecure
*/
public function setcookie($name, $value, $expire = 0, $prefix = null, $domain = null, $forceSecure = null)
{
global $wgCookiePath, $wgCookiePrefix, $wgCookieDomain;
global $wgCookieSecure, $wgCookieExpiration, $wgCookieHttpOnly;
if ($expire == 0) {
$expire = time() + $wgCookieExpiration;
}
if ($prefix === null) {
$prefix = $wgCookiePrefix;
}
if ($domain === null) {
$domain = $wgCookieDomain;
}
if (is_null($forceSecure)) {
$secureCookie = $wgCookieSecure;
} else {
$secureCookie = $forceSecure;
}
// Mark the cookie as httpOnly if $wgCookieHttpOnly is true,
// unless the requesting user-agent is known to have trouble with
// httpOnly cookies.
$httpOnlySafe = $wgCookieHttpOnly && wfHttpOnlySafe();
wfDebugLog('cookie', 'setcookie: "' . implode('", "', array($prefix . $name, $value, $expire, $wgCookiePath, $domain, $secureCookie, $httpOnlySafe)) . '"');
setcookie($prefix . $name, $value, $expire, $wgCookiePath, $domain, $secureCookie, $httpOnlySafe);
}
/** Set the browser cookie
* @param $name String: name of cookie
* @param $value String: value to give cookie
* @param $expire Int: number of seconds til cookie expires
*/
public function setcookie($name, $value, $expire = 0)
{
global $wgCookiePath, $wgCookiePrefix, $wgCookieDomain;
global $wgCookieSecure, $wgCookieExpiration, $wgCookieHttpOnly;
if ($expire == 0) {
$expire = time() + $wgCookieExpiration;
}
$httpOnlySafe = wfHttpOnlySafe();
wfDebugLog('cookie', 'setcookie: "' . implode('", "', array($wgCookiePrefix . $name, $value, $expire, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $httpOnlySafe && $wgCookieHttpOnly)) . '"');
if ($httpOnlySafe && isset($wgCookieHttpOnly)) {
setcookie($wgCookiePrefix . $name, $value, $expire, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $wgCookieHttpOnly);
} else {
// setcookie() fails on PHP 5.1 if you give it future-compat paramters.
// stab stab!
setcookie($wgCookiePrefix . $name, $value, $expire, $wgCookiePath, $wgCookieDomain, $wgCookieSecure);
}
}
/**
* Set the browser cookie
* @param $name String: name of cookie
* @param $value String: value to give cookie
* @param $expire Int: number of seconds til cookie expires
* @param $prefix String: Prefix to use, if not $wgCookiePrefix (use '' for no prefix)
* @param @domain String: Cookie domain to use, if not $wgCookieDomain
*/
public function setcookie($name, $value, $expire = 0, $prefix = null, $domain = null)
{
global $wgCookiePath, $wgCookiePrefix, $wgCookieDomain;
global $wgCookieSecure, $wgCookieExpiration, $wgCookieHttpOnly;
if ($expire == 0) {
$expire = time() + $wgCookieExpiration;
}
if ($prefix === null) {
$prefix = $wgCookiePrefix;
}
if ($domain === null) {
$domain = $wgCookieDomain;
}
$httpOnlySafe = wfHttpOnlySafe() && $wgCookieHttpOnly;
wfDebugLog('cookie', 'setcookie: "' . implode('", "', array($prefix . $name, $value, $expire, $wgCookiePath, $domain, $wgCookieSecure, $httpOnlySafe)) . '"');
setcookie($prefix . $name, $value, $expire, $wgCookiePath, $domain, $wgCookieSecure, $httpOnlySafe);
}
/**
* Initialise php session
*
* @param $sessionId Bool
*/
function wfSetupSession($sessionId = false)
{
global $wgSessionsInMemcached, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $wgCookieHttpOnly, $wgSessionHandler;
if ($wgSessionsInMemcached) {
if (!defined('MW_COMPILED')) {
global $IP;
require_once "{$IP}/includes/cache/MemcachedSessions.php";
}
session_set_save_handler('memsess_open', 'memsess_close', 'memsess_read', 'memsess_write', 'memsess_destroy', 'memsess_gc');
// It's necessary to register a shutdown function to call session_write_close(),
// because by the time the request shutdown function for the session module is
// called, $wgMemc has already been destroyed. Shutdown functions registered
// this way are called before object destruction.
register_shutdown_function('memsess_write_close');
} elseif ($wgSessionHandler && $wgSessionHandler != ini_get('session.save_handler')) {
# Only set this if $wgSessionHandler isn't null and session.save_handler
# hasn't already been set to the desired value (that causes errors)
ini_set('session.save_handler', $wgSessionHandler);
}
$httpOnlySafe = wfHttpOnlySafe() && $wgCookieHttpOnly;
wfDebugLog('cookie', 'session_set_cookie_params: "' . implode('", "', array(0, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $httpOnlySafe)) . '"');
session_set_cookie_params(0, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $httpOnlySafe);
session_cache_limiter('private, must-revalidate');
if ($sessionId) {
session_id($sessionId);
}
wfSuppressWarnings();
session_start();
wfRestoreWarnings();
}
/**
* Initialise php session
*
* @param $sessionId Bool
*/
function wfSetupSession($sessionId = false)
{
global $wgSessionsInMemcached, $wgSessionsInObjectCache, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $wgCookieHttpOnly, $wgSessionHandler;
if ($wgSessionsInObjectCache || $wgSessionsInMemcached) {
ObjectCacheSessionHandler::install();
} elseif ($wgSessionHandler && $wgSessionHandler != ini_get('session.save_handler')) {
# Only set this if $wgSessionHandler isn't null and session.save_handler
# hasn't already been set to the desired value (that causes errors)
ini_set('session.save_handler', $wgSessionHandler);
}
$httpOnlySafe = wfHttpOnlySafe() && $wgCookieHttpOnly;
wfDebugLog('cookie', 'session_set_cookie_params: "' . implode('", "', array(0, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $httpOnlySafe)) . '"');
session_set_cookie_params(0, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $httpOnlySafe);
session_cache_limiter('private, must-revalidate');
if ($sessionId) {
session_id($sessionId);
} else {
wfFixSessionID();
}
wfSuppressWarnings();
session_start();
wfRestoreWarnings();
}
/**
* Initialise php session
*/
function wfSetupSession()
{
global $wgSessionsInMemcached, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $wgCookieHttpOnly;
if ($wgSessionsInMemcached) {
require_once 'MemcachedSessions.php';
} elseif ('files' != ini_get('session.save_handler')) {
# If it's left on 'user' or another setting from another
# application, it will end up failing. Try to recover.
ini_set('session.save_handler', 'files');
}
$httpOnlySafe = wfHttpOnlySafe();
wfDebugLog('cookie', 'session_set_cookie_params: "' . implode('", "', array(0, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $httpOnlySafe && $wgCookieHttpOnly)) . '"');
if ($httpOnlySafe && $wgCookieHttpOnly) {
session_set_cookie_params(0, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $wgCookieHttpOnly);
} else {
// PHP 5.1 throws warnings if you pass the HttpOnly parameter for 5.2.
session_set_cookie_params(0, $wgCookiePath, $wgCookieDomain, $wgCookieSecure);
}
session_cache_limiter('private, must-revalidate');
wfSuppressWarnings();
session_start();
wfRestoreWarnings();
}
/**
* Initialise php session
*
* @param $sessionId Bool
*/
function wfSetupSession($sessionId = false)
{
global $wgSessionsInMemcached, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $wgCookieHttpOnly, $wgSessionHandler;
if ($wgSessionsInMemcached) {
if (!defined('MW_COMPILED')) {
global $IP;
require_once "{$IP}/includes/cache/MemcachedSessions.php";
}
session_set_save_handler('memsess_open', 'memsess_close', 'memsess_read', 'memsess_write', 'memsess_destroy', 'memsess_gc');
// It's necessary to register a shutdown function to call session_write_close(),
// because by the time the request shutdown function for the session module is
// called, $wgMemc has already been destroyed. Shutdown functions registered
// this way are called before object destruction.
register_shutdown_function('memsess_write_close');
} elseif ($wgSessionHandler && $wgSessionHandler != ini_get('session.save_handler')) {
# Only set this if $wgSessionHandler isn't null and session.save_handler
# hasn't already been set to the desired value (that causes errors)
ini_set('session.save_handler', $wgSessionHandler);
}
$httpOnlySafe = wfHttpOnlySafe() && $wgCookieHttpOnly;
wfDebugLog('cookie', 'session_set_cookie_params: "' . implode('", "', array(0, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $httpOnlySafe)) . '"');
session_set_cookie_params(0, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $httpOnlySafe);
session_cache_limiter('private, must-revalidate');
if ($sessionId) {
session_id($sessionId);
} else {
wfFixSessionID();
}
wfSuppressWarnings();
session_start();
wfRestoreWarnings();
// Wikia change - start
// log all sessions started with 1% sampling (PLATFORM-1266)
if ((new Wikia\Util\Statistics\BernoulliTrial(0.01))->shouldSample()) {
Wikia\Logger\WikiaLogger::instance()->info(__METHOD__, ['caller' => wfGetAllCallers(), 'exception' => new Exception()]);
}
// Wikia change - end
}
/**
* Initialise php session
*/
function wfSetupSession($sessionId = false)
{
global $wgSessionsInMemcached, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $wgCookieHttpOnly, $wgSessionHandler;
if ($wgSessionsInMemcached) {
require_once 'MemcachedSessions.php';
} elseif ($wgSessionHandler && $wgSessionHandler != ini_get('session.save_handler')) {
# Only set this if $wgSessionHandler isn't null and session.save_handler
# hasn't already been set to the desired value (that causes errors)
ini_set('session.save_handler', $wgSessionHandler);
}
$httpOnlySafe = wfHttpOnlySafe();
wfDebugLog('cookie', 'session_set_cookie_params: "' . implode('", "', array(0, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $httpOnlySafe && $wgCookieHttpOnly)) . '"');
if ($httpOnlySafe && $wgCookieHttpOnly) {
session_set_cookie_params(0, $wgCookiePath, $wgCookieDomain, $wgCookieSecure, $wgCookieHttpOnly);
} else {
// PHP 5.1 throws warnings if you pass the HttpOnly parameter for 5.2.
session_set_cookie_params(0, $wgCookiePath, $wgCookieDomain, $wgCookieSecure);
}
session_cache_limiter('private, must-revalidate');
if ($sessionId) {
session_id($sessionId);
}
wfSuppressWarnings();
session_start();
wfRestoreWarnings();
}
