Source for file Cookie.php
Documentation is available at Cookie.php
* This source file is subject to the new BSD license that is bundled
* with this package in the file LICENSE.txt.
* It is also available through the world-wide-web at this URL:
* http://framework.zend.com/license/new-bsd
* If you did not receive a copy of the license and are unable to
* obtain it through the world-wide-web, please send an email
* to license@zend.com so we can send you a copy immediately.
* @package Microsoft_Http
* @copyright Copyright (c) 2005-2009 Zend Technologies USA Inc. (http://www.zend.com)
* @version $Id: Cookie.php 17131 2009-07-26 10:03:39Z shahar $
* @license http://framework.zend.com/license/new-bsd New BSD License
* @see Microsoft_AutoLoader
require_once dirname(__FILE__ ) . '/../AutoLoader.php';
* Microsoft_Http_Cookie is a class describing an HTTP cookie and all it's parameters.
* Microsoft_Http_Cookie is a class describing an HTTP cookie and all it's parameters. The
* class also enables validating whether the cookie should be sent to the server in
* a specified scenario according to the request URI, the expiry time and whether
* session cookies should be used or not. Generally speaking cookies should be
* contained in a Cookiejar object, or instantiated manually and added to an HTTP
* See http://wp.netscape.com/newsref/std/cookie_spec.html for some specs.
* @package Microsoft_Http
* @copyright Copyright (c) 2005-2009 Zend Technologies USA Inc. (http://www.zend.com)
* @license http://framework.zend.com/license/new-bsd New BSD License
* Whether the cookie is secure or not
* Cookie object constructor
* @todo Add validation of each one of the parameters (legal domain, etc.)
public function __construct($name, $value, $domain, $expires = null, $path = null, $secure = false)
if (preg_match("/[=,; \t\r\n\013\014]/", $name)) {
require_once 'Microsoft/Http/Exception.php';
if (! $this->name = (string) $name) {
require_once 'Microsoft/Http/Exception.php';
if (! $this->domain = (string) $domain) {
require_once 'Microsoft/Http/Exception.php';
$this->value = (string) $value;
$this->expires = ($expires === null ? null : (int) $expires);
$this->path = ($path ? $path : '/');
* Get the expiry time of the cookie, or null if no expiry time is set
* Check whether the cookie should only be sent over secure connections
* Check whether the cookie has expired
* Always returns false if the cookie is a session cookie (has no expiry time)
* @param int $now Timestamp to consider as "now"
if ($now === null) $now = time();
* Check whether the cookie is a session cookie (has no expiry time set)
* Checks whether the cookie should be sent or not in a specific scenario
* @param string|Microsoft_Uri_Http$uri URI to check against (secure, domain, path)
* @param boolean $matchSessionCookies Whether to send session cookies
* @param int $now Override the current time when checking for expiry time
public function match($uri, $matchSessionCookies = true, $now = null)
// Make sure we have a valid Microsoft_Uri_Http object
if (! ($uri->valid() && ($uri->getScheme() == 'http' || $uri->getScheme() == 'https'))) {
require_once 'Microsoft/Http/Exception.php';
// Check that the cookie is secure (if required) and not expired
if ($this->secure && $uri->getScheme() != 'https') return false;
// Check if the domain matches
if (! self::matchCookieDomain($this->getDomain(), $uri->getHost())) {
// Check that path matches using prefix match
if (! self::matchCookiePath($this->getPath(), $uri->getPath())) {
// If we didn't die until now, return true.
* Get the cookie as a string, suitable for sending as a "Cookie" header in an
* Generate a new Cookie object from a cookie string
* (for example the value of the Set-Cookie HTTP header)
* @param string $cookieStr
* @param Microsoft_Uri_Http|string$ref_uri Reference URI for default values (domain, path)
* @return Microsoft_Http_Cookie A new Microsoft_Http_Cookie object or false on failure.
public static function fromString($cookieStr, $ref_uri = null)
// If first part does not include '=', fail
if (strpos($parts[0], '=') === false) return false;
// Get the name and value of the cookie
// Set default domain and path
$domain = $ref_uri->getHost();
$path = $ref_uri->getPath();
// Set other cookie parameters
foreach ($parts as $part) {
$keyValue = explode('=', $part, 2);
if (count($keyValue) == 2) {
list ($k, $v) = $keyValue;
* The expiration is past Tue, 19 Jan 2038 03:14:07 UTC
* the maximum for 32-bit signed integer. Microsoft_Date
* can get around that limit.
require_once 'Microsoft/Date.php';
$expireDate = new Microsoft_Date($v);
$expires = $expireDate->getTimestamp();
return new self($name, $value, $domain, $expires, $path, $secure);
* Check if a cookie's domain matches a host name.
* Used by Microsoft_Http_Cookie and Microsoft_Http_CookieJar for cookie matching
* @param string $cookieDomain
require_once 'Microsoft/Http/Exception.php';
require_once 'Microsoft/Http/Exception.php';
if ($cookieDomain[0] == '.') {
$cookieDomain = substr($cookieDomain, 1);
// Check for either exact match or suffix match
return ($cookieDomain == $host ||
* Check if a cookie's path matches a URL path
* Used by Microsoft_Http_Cookie and Microsoft_Http_CookieJar for cookie matching
* @param string $cookiePath
require_once 'Microsoft/Http/Exception.php';
require_once 'Microsoft/Http/Exception.php';
return (strpos($path, $cookiePath) === 0);
|