diff options
author | Ilia Alshanetsky <iliaa@php.net> | 2006-08-10 13:50:56 +0000 |
---|---|---|
committer | Ilia Alshanetsky <iliaa@php.net> | 2006-08-10 13:50:56 +0000 |
commit | e5fe441cbd20df608a1a71e18644caf74c82f691 (patch) | |
tree | 77b540d35af849be2005ad6f9f9114e661e8f744 /ext/standard/head.c | |
parent | 1ec10ac8c7dc0d8302ba7cb83f6eafdffbdd3952 (diff) | |
download | php-git-e5fe441cbd20df608a1a71e18644caf74c82f691.tar.gz |
Added support for httpOnly flag for session extension and cookie setting
functions.
# Original patch by Scott MacVicar
Diffstat (limited to 'ext/standard/head.c')
-rw-r--r-- | ext/standard/head.c | 25 |
1 files changed, 14 insertions, 11 deletions
diff --git a/ext/standard/head.c b/ext/standard/head.c index 08ae3296b7..13088cacb4 100644 --- a/ext/standard/head.c +++ b/ext/standard/head.c @@ -60,7 +60,7 @@ PHPAPI int php_header(TSRMLS_D) } -PHPAPI int php_setcookie(char *name, int name_len, char *value, int value_len, time_t expires, char *path, int path_len, char *domain, int domain_len, int secure, int url_encode TSRMLS_DC) +PHPAPI int php_setcookie(char *name, int name_len, char *value, int value_len, time_t expires, char *path, int path_len, char *domain, int domain_len, int secure, int url_encode, int httponly TSRMLS_DC) { char *cookie, *encoded_value = NULL; int len=sizeof("Set-Cookie: "); @@ -131,6 +131,9 @@ PHPAPI int php_setcookie(char *name, int name_len, char *value, int value_len, t if (secure) { strcat(cookie, "; secure"); } + if (httponly) { + strcat(cookie, "; httponly"); + } ctr.line = cookie; ctr.line_len = strlen(cookie); @@ -142,22 +145,22 @@ PHPAPI int php_setcookie(char *name, int name_len, char *value, int value_len, t /* php_set_cookie(name, value, expires, path, domain, secure) */ -/* {{{ proto bool setcookie(string name [, string value [, int expires [, string path [, string domain [, bool secure]]]]]) +/* {{{ proto bool setcookie(string name [, string value [, int expires [, string path [, string domain [, bool secure[, bool httponly]]]]]]) Send a cookie */ PHP_FUNCTION(setcookie) { char *name, *value = NULL, *path = NULL, *domain = NULL; long expires = 0; - zend_bool secure = 0; + zend_bool secure = 0, httponly = 0; int name_len, value_len, path_len, domain_len; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|slssb", &name, + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|slssbb", &name, &name_len, &value, &value_len, &expires, &path, - &path_len, &domain, &domain_len, &secure) == FAILURE) { + &path_len, &domain, &domain_len, &secure, &httponly) == FAILURE) { return; } - if (php_setcookie(name, name_len, value, value_len, expires, path, path_len, domain, domain_len, secure, 1 TSRMLS_CC) == SUCCESS) { + if (php_setcookie(name, name_len, value, value_len, expires, path, path_len, domain, domain_len, secure, 1, httponly TSRMLS_CC) == SUCCESS) { RETVAL_TRUE; } else { RETVAL_FALSE; @@ -165,22 +168,22 @@ PHP_FUNCTION(setcookie) } /* }}} */ -/* {{{ proto bool setrawcookie(string name [, string value [, int expires [, string path [, string domain [, bool secure]]]]]) +/* {{{ proto bool setrawcookie(string name [, string value [, int expires [, string path [, string domain [, bool secure[, bool httponly]]]]]]) Send a cookie with no url encoding of the value */ PHP_FUNCTION(setrawcookie) { char *name, *value = NULL, *path = NULL, *domain = NULL; long expires = 0; - zend_bool secure = 0; + zend_bool secure = 0, httponly = 0; int name_len, value_len, path_len, domain_len; - if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|slssb", &name, + if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|slssbb", &name, &name_len, &value, &value_len, &expires, &path, - &path_len, &domain, &domain_len, &secure) == FAILURE) { + &path_len, &domain, &domain_len, &secure, &httponly) == FAILURE) { return; } - if (php_setcookie(name, name_len, value, value_len, expires, path, path_len, domain, domain_len, secure, 0 TSRMLS_CC) == SUCCESS) { + if (php_setcookie(name, name_len, value, value_len, expires, path, path_len, domain, domain_len, secure, 0, httponly TSRMLS_CC) == SUCCESS) { RETVAL_TRUE; } else { RETVAL_FALSE; |