includes/WebResponse.php

   1 <?php
   2 /**
   3  * Classes used to send headers and cookies back to the user
   4  *
   5  * This program is free software; you can redistribute it and/or modify
   6  * it under the terms of the GNU General Public License as published by
   7  * the Free Software Foundation; either version 2 of the License, or
   8  * (at your option) any later version.
   9  *
  10  * This program is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  13  * GNU General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU General Public License along
  16  * with this program; if not, write to the Free Software Foundation, Inc.,
  17  * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA.
  18  * http://www.gnu.org/copyleft/gpl.html
  19  *
  20  * @file
  21  */
  22
  23 /**
  24  * Allow programs to request this object from WebRequest::response()
  25  * and handle all outputting (or lack of outputting) via it.
  26  * @ingroup HTTP
  27  */
  28 class WebResponse {
  29
  30         /**
  31          * Output a HTTP header, wrapper for PHP's
  32          * header()
  33          * @param string $string header to output
  34          * @param bool $replace replace current similar header
  35          * @param $http_response_code null|int Forces the HTTP response code to the specified value.
  36          */
  37         public function header( $string, $replace = true, $http_response_code = null ) {
  38                 header( $string, $replace, $http_response_code );
  39         }
  40
  41         /**
  42          * Set the browser cookie
  43          * @param string $name name of cookie
  44          * @param string $value value to give cookie
  45          * @param int|null $expire Unix timestamp (in seconds) when the cookie should expire.
  46          *        0 (the default) causes it to expire $wgCookieExpiration seconds from now.
  47          *        null causes it to be a session cookie.
  48          * @param array $options Assoc of additional cookie options:
  49          *     prefix: string, name prefix ($wgCookiePrefix)
  50          *     domain: string, cookie domain ($wgCookieDomain)
  51          *     path: string, cookie path ($wgCookiePath)
  52          *     secure: bool, secure attribute ($wgCookieSecure)
  53          *     httpOnly: bool, httpOnly attribute ($wgCookieHttpOnly)
  54          *     raw: bool, if true uses PHP's setrawcookie() instead of setcookie()
  55          *   For backwards compatability, if $options is not an array then it and
  56          *   the following two parameters will be interpreted as values for
  57          *   'prefix', 'domain', and 'secure'
  58          * @since 1.22 Replaced $prefix, $domain, and $forceSecure with $options
  59          */
  60         public function setcookie( $name, $value, $expire = 0, $options = null ) {
  61                 global $wgCookiePath, $wgCookiePrefix, $wgCookieDomain;
  62                 global $wgCookieSecure, $wgCookieExpiration, $wgCookieHttpOnly;
  63
  64                 if ( !is_array( $options ) ) {
  65                         // Backwards compatability
  66                         $options = array( 'prefix' => $options );
  67                         if ( func_num_args() >= 5 ) {
  68                                 $options['domain'] = func_get_arg( 4 );
  69                         }
  70                         if ( func_num_args() >= 6 ) {
  71                                 $options['secure'] = func_get_arg( 5 );
  72                         }
  73                 }
  74                 $options = array_filter( $options, function ( $a ) {
  75                         return $a !== null;
  76                 } ) + array(
  77                         'prefix' => $wgCookiePrefix,
  78                         'domain' => $wgCookieDomain,
  79                         'path' => $wgCookiePath,
  80                         'secure' => $wgCookieSecure,
  81                         'httpOnly' => $wgCookieHttpOnly,
  82                         'raw' => false,
  83                 );
  84
  85                 if ( $expire === null ) {
  86                         $expire = 0; // Session cookie
  87                 } elseif ( $expire == 0 && $wgCookieExpiration != 0 ) {
  88                         $expire = time() + $wgCookieExpiration;
  89                 }
  90
  91                 // Don't mark the cookie as httpOnly if the requesting user-agent is
  92                 // known to have trouble with httpOnly cookies.
  93                 if ( !wfHttpOnlySafe() ) {
  94                         $options['httpOnly'] = false;
  95                 }
  96
  97                 $func = $options['raw'] ? 'setrawcookie' : 'setcookie';
  98
  99                 if ( wfRunHooks( 'WebResponseSetCookie', array( &$name, &$value, &$expire, $options ) ) ) {
 100                         wfDebugLog( 'cookie',
 101                                 $func . ': "' . implode( '", "',
 102                                         array(
 103                                                 $options['prefix'] . $name,
 104                                                 $value,
 105                                                 $expire,
 106                                                 $options['path'],
 107                                                 $options['domain'],
 108                                                 $options['secure'],
 109                                                 $options['httpOnly'] ) ) . '"' );
 110
 111                         call_user_func( $func,
 112                                 $options['prefix'] . $name,
 113                                 $value,
 114                                 $expire,
 115                                 $options['path'],
 116                                 $options['domain'],
 117                                 $options['secure'],
 118                                 $options['httpOnly'] );
 119                 }
 120         }
 121 }
 122
 123 /**
 124  * @ingroup HTTP
 125  */
 126 class FauxResponse extends WebResponse {
 127         private $headers;
 128         private $cookies;
 129         private $code;
 130
 131         /**
 132          * Stores a HTTP header
 133          * @param string $string header to output
 134          * @param bool $replace replace current similar header
 135          * @param $http_response_code null|int Forces the HTTP response code to the specified value.
 136          */
 137         public function header( $string, $replace = true, $http_response_code = null ) {
 138                 if ( substr( $string, 0, 5 ) == 'HTTP/' ) {
 139                         $parts = explode( ' ', $string, 3 );
 140                         $this->code = intval( $parts[1] );
 141                 } else {
 142                         list( $key, $val ) = array_map( 'trim', explode( ":", $string, 2 ) );
 143
 144                         $key = strtoupper( $key );
 145
 146                         if ( $replace || !isset( $this->headers[$key] ) ) {
 147                                 $this->headers[$key] = $val;
 148                         }
 149                 }
 150
 151                 if ( $http_response_code !== null ) {
 152                         $this->code = intval( $http_response_code );
 153                 }
 154         }
 155
 156         /**
 157          * @param string $key The name of the header to get (case insensitive).
 158          * @return string
 159          */
 160         public function getheader( $key ) {
 161                 $key = strtoupper( $key );
 162
 163                 if ( isset( $this->headers[$key] ) ) {
 164                         return $this->headers[$key];
 165                 }
 166                 return null;
 167         }
 168
 169         /**
 170          * Get the HTTP response code, null if not set
 171          *
 172          * @return Int or null
 173          */
 174         public function getStatusCode() {
 175                 return $this->code;
 176         }
 177
 178         /**
 179          * @todo document. It just ignore optional parameters.
 180          *
 181          * @param string $name name of cookie
 182          * @param string $value value to give cookie
 183          * @param int $expire number of seconds til cookie expires (Default: 0)
 184          * @param array $options ignored
 185          */
 186         public function setcookie( $name, $value, $expire = 0, $options = null ) {
 187                 $this->cookies[$name] = $value;
 188         }
 189
 190         /**
 191          * @param $name string
 192          * @return string
 193          */
 194         public function getcookie( $name ) {
 195                 if ( isset( $this->cookies[$name] ) ) {
 196                         return $this->cookies[$name];
 197                 }
 198                 return null;
 199         }
 200 }