public static function createCookie($cookie_name, $cookie_value, $expires = 0, $path = '/', $domain = '')
{
if ($domain) {
// sanitizes the domain
$domain = owa_lib::sanitizeCookieDomain($domain);
} else {
$domain = owa_coreAPI::getSetting('base', 'cookie_domain');
}
if (is_array($cookie_value)) {
$cookie_value = owa_lib::implode_assoc('=>', '|||', $cookie_value);
}
// add namespace
$cookie_name = sprintf('%s%s', owa_coreAPI::getSetting('base', 'ns'), $cookie_name);
// debug
owa_coreAPI::debug(sprintf('Setting cookie %s with values: %s under domain: %s', $cookie_name, $cookie_value, $domain));
// set compact privacy header
header(sprintf('P3P: CP="%s"', owa_coreAPI::getSetting('base', 'p3p_policy')));
//owa_coreAPI::debug('time: '.$expires);
setcookie($cookie_name, $cookie_value, $expires, $path, $domain);
return;
}
/**
* sets and checks the cookie domain setting
*
* @param unknown_type $domain
*/
public function setCookieDomain($domain = '')
{
$explicit = false;
if (!$domain) {
$domain = $_SERVER['HTTP_HOST'];
$explicit = true;
}
// strip port, add leading period etc.
$domain = owa_lib::sanitizeCookieDomain($domain);
// Set the cookie domain only if the domain name is a Fully qualified domain name (FQDN)
// i.e. avoid attempts to set cookie domain for e.g. "localhost" as that is not valid
//check for two dots in the domain name
$twodots = substr_count($domain, '.');
if ($twodots >= 2) {
// unless www.domain.com is passed explicitly
// strip the www from the domain.
if (!$explicit) {
$part = substr($domain, 0, 5);
if ($part === '.www.') {
//strip .www.
$domain = substr($domain, 5);
// add back the leading period
$domain = '.' . $domain;
}
}
$this->set('base', 'cookie_domain', $domain);
owa_coreAPI::debug("Setting cookie domain to {$domain}");
} else {
owa_coreAPI::debug("Not setting cookie domain as {$domain} is not a FQDN.");
}
}
