173 PHP_FUNCTION(setcookie)
174 {
175 char *name, *value = NULL, *path = NULL, *domain = NULL;
176 long expires = 0;
177 zend_bool secure = 0, httponly = 0;
178 int name_len, value_len = 0, path_len = 0, domain_len = 0;
179
180 if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, “s|slssbb”, &name,
181 &name_len, &value, &value_len, &expires, &path,
182 &path_len, &domain, &domain_len, &secure, &httponly) ==
FAILURE) {
183 return;
184 }
185
186 if (php_setcookie(name, name_len, value, value_len, expires, path, path_len, domain,
domain_len, secure, 1, httponly TSRMLS_CC) == SUCCESS) {
187 RETVAL_TRUE;
188 } else {
189 RETVAL_FALSE;
190 }
191 }
76 PHPAPI int php_setcookie(char *name, int name_len, char *value, int value_len, time_t
expires, char *path, int path_len, char *domain, int domain_len, int secure, int url_encode,
int httponly TSRMLS_DC)
77 {
78 char *cookie, *encoded_value = NULL;
79 int len=sizeof(“Set-Cookie: “);
80 char *dt;
81 sapi_header_line ctr = {0};
82 int result;
83
84 if (name && strpbrk(name, “=,; trn1314”) != NULL) { /* man isspace for 13
and 14 */
85 zend_error( E_WARNING, “Cookie names cannot contain any of the following ‘=,;
trn1314′” );
86 return FAILURE;
87 }
88
89 if (!url_encode && value && strpbrk(value, “,; trn1314”) != NULL) { /* man
isspace for 13 and 14 */
90 zend_error( E_WARNING, “Cookie values cannot contain any of the following ‘,;
trn1314′” );
91 return FAILURE;
92 }
93
94 len += name_len;
95 if (value && url_encode) {
96 int encoded_value_len;
97
98 encoded_value = php_url_encode(value, value_len, &encoded_value_len);
99 len += encoded_value_len;
100 } else if ( value ) {
101 encoded_value = estrdup(value);
102 len += value_len;
103 }
104 if (path) {
105 len += path_len;
106 }
107 if (domain) {
108 len += domain_len;
109 }
110
111 cookie = emalloc(len + 100);
112
113 if (value && value_len == 0) {
114 /*
115 * MSIE doesn’t delete a cookie when you set it to a null value
116 * so in order to force cookies to be deleted, even on MSIE, we
117 * pick an expiry date in the past
118 */
119 dt = php_format_date(“D, d-M-Y H:i:s T”, sizeof(“D, d-M-Y H:i:s T”)-1, 1, 0
TSRMLS_CC);
120 snprintf(cookie, len + 100, “Set-Cookie: %s=deleted; expires=%s”, name, dt);
121 efree(dt);
122 } else {
123 snprintf(cookie, len + 100, “Set-Cookie: %s=%s”, name, value ? encoded_value :
“”);
124 if (expires > 0) {
125 const char *p;
126 strlcat(cookie, “; expires=”, len + 100);
127 dt = php_format_date(“D, d-M-Y H:i:s T”, sizeof(“D, d-M-Y H:i:s T”)-1,
expires, 0 TSRMLS_CC);
128 /* check to make sure that the year does not exceed 4 digits in length */
129 p = zend_memrchr(dt, ‘-‘, strlen(dt));
130 if (!p || *(p + 5) != ‘ ‘) {