/**
* Set a 30-day cookie
*
* @param string $remember checkbox with value "checked" or empty
* @return bool
*/
public static function setCookie($h, $rememberMe)
{
if (!$rememberMe) {
return false;
}
if (!$h->currentUser->name) {
$h->messages['main_userbase_cookie_error'] = 'green';
return false;
} else {
// just need random token here. no real reason to pass name in. just easy to use password_hash to create it
$cookieToken = password_hash($h->currentUser->name, PASSWORD_DEFAULT);
\Hotaru\Models2\UserLogin::addLogin($h, $h->currentUser->id, $cookieToken);
$strCookie = base64_encode(join(':', array($h->currentUser->name, $cookieToken)));
// 2592000 = 60 seconds * 60 mins * 24 hours * 30 days
$month = 2592000 + time();
if (strpos(SITEURL, "localhost") !== false) {
setcookie("hotaru_key", $strCookie, $month, "/");
} else {
/*
* http://no2.php.net/setcookie
* bool setcookie ( string $name [, string $value [, int $expire = 0 [, string $path [, string $domain [, bool $secure = false [, bool $httponly = false ]]]]]] )
*
* The domain that the cookie is available to.
* Setting the domain to 'www.example.com' will make the cookie available in the www subdomain and higher subdomains.
* Cookies available to a lower domain, such as 'example.com' will be available to higher subdomains, such as 'www.example.com'.
* Older browsers still implementing the deprecated » RFC 2109 may require a leading . to match all subdomains.
* Since we dont want the cookie set on one subdomain to pass to another, we call setcookie without the domain paramater :'get a cookie with "subdomain.example.net" (and not ".subdomain.example.net")'
*/
setcookie("hotaru_key", $strCookie, $month, "/");
}
return true;
}
}
