@@ -56,32 +56,13 @@ public function __construct(array $source = null, array $options = [])
5656 *
5757 * @param string $name Name of the value to set.
5858 * @param mixed $value Value to assign to the input.
59- * @param integer $expire The time the cookie expires. This is a Unix timestamp so is in number
60- * of seconds since the epoch. In other words, you'll most likely set this
61- * with the time() function plus the number of seconds before you want it
62- * to expire. Or you might use mktime(). time()+60*60*24*30 will set the
63- * cookie to expire in 30 days. If set to 0, or omitted, the cookie will
64- * expire at the end of the session (when the browser closes).
65- * @param string $path The path on the server in which the cookie will be available on. If set
66- * to '/', the cookie will be available within the entire domain. If set to
67- * '/foo/', the cookie will only be available within the /foo/ directory and
68- * all sub-directories such as /foo/bar/ of domain. The default value is the
69- * current directory that the cookie is being set in.
70- * @param string $domain The domain that the cookie is available to. To make the cookie available
71- * on all subdomains of example.com (including example.com itself) then you'd
72- * set it to '.example.com'. Although some browsers will accept cookies without
73- * the initial ., RFC 2109 requires it to be included. Setting the domain to
74- * 'www.example.com' or '.www.example.com' will make the cookie only available
75- * in the www subdomain.
76- * @param boolean $secure Indicates that the cookie should only be transmitted over a secure HTTPS
77- * connection from the client. When set to TRUE, the cookie will only be set
78- * if a secure connection exists. On the server-side, it's on the programmer
79- * to send this kind of cookie only on secure connection (e.g. with respect
80- * to $_SERVER["HTTPS"]).
81- * @param boolean $httpOnly When TRUE the cookie will be made accessible only through the HTTP protocol.
82- * This means that the cookie won't be accessible by scripting languages, such
83- * as JavaScript. This setting can effectively help to reduce identity theft
84- * through XSS attacks (although it is not supported by all browsers).
59+ * @param array $options An associative array which may have any of the keys expires, path, domain,
60+ * secure, httponly and samesite. The values have the same meaning as described
61+ * for the parameters with the same name. The value of the samesite element
62+ * should be either Lax or Strict. If any of the allowed options are not given,
63+ * their default values are the same as the default values of the explicit
64+ * parameters. If the samesite element is omitted, no SameSite cookie attribute
65+ * is set.
8566 *
8667 * @return void
8768 *
@@ -92,14 +73,85 @@ public function __construct(array $source = null, array $options = [])
9273 * @deprecated 4.3 will be removed in 6.0.
9374 * Use Joomla\Input\Cookie instead
9475 */
95- public function set ($ name$ value$ expire 0 , $ path = '' , $ domain = '' , $ secure = false , $ httpOnly = false )
76+ public function set ($ name$ value$ options [] )
9677 {
97- if (\is_array ($ value
98- foreach ($ valueas $ key$ val
99- setcookie ($ name"[ $ key] " , $ val$ expire$ path$ domain$ secure$ httpOnly
78+ // BC layer to convert old method parameters.
79+ if (is_array ($ optionsfalse ) {
80+ trigger_deprecation (
81+ 'joomla/input ' ,
82+ '1.4.0 ' ,
83+ 'The %s($name, $value, $expire, $path, $domain, $secure, $httpOnly) signature is deprecated and '
84+ . ' will not be supported once support '
85+ . ' for PHP 7.2 and earlier is dropped, use the %s($name, $value, $options) signature instead ' ,
86+ __METHOD__ ,
87+ __METHOD__
88+ );
89+
90+ $ argListfunc_get_args ();
91+
92+ $ options
93+ 'expires ' => $ argList2 ] ?? 0 ,
94+ 'path ' => $ argList3 ] ?? '' ,
95+ 'domain ' => $ argList4 ] ?? '' ,
96+ 'secure ' => $ argList5 ] ?? false ,
97+ 'httponly ' => $ argList6 ] ?? false ,
98+ ];
99+ }
100+
101+ // Set the cookie
102+ if (version_compare (PHP_VERSION , '7.3 ' , '>= ' )) {
103+ if (\is_array ($ value
104+ foreach ($ valueas $ key$ val
105+ setcookie ($ name"[ $ key] " , $ val$ options
106+ }
107+ } else {
108+ setcookie ($ name$ value$ options
100109 }
101110 } else {
102- setcookie ($ name$ value$ expire$ path$ domain$ secure$ httpOnly
111+ // Using the setcookie function before php 7.3, make sure we have default values.
112+ if (array_key_exists ('expires ' , $ optionsfalse ) {
113+ $ options'expires ' ] = 0 ;
114+ }
115+
116+ if (array_key_exists ('path ' , $ optionsfalse ) {
117+ $ options'path ' ] = '' ;
118+ }
119+
120+ if (array_key_exists ('domain ' , $ optionsfalse ) {
121+ $ options'domain ' ] = '' ;
122+ }
123+
124+ if (array_key_exists ('secure ' , $ optionsfalse ) {
125+ $ options'secure ' ] = false ;
126+ }
127+
128+ if (array_key_exists ('httponly ' , $ optionsfalse ) {
129+ $ options'httponly ' ] = false ;
130+ }
131+
132+ if (\is_array ($ value
133+ foreach ($ valueas $ key$ val
134+ setcookie (
135+ $ name"[ $ key] " ,
136+ $ val
137+ $ options'expires ' ],
138+ $ options'path ' ],
139+ $ options'domain ' ],
140+ $ options'secure ' ],
141+ $ options'httponly ' ]
142+ );
143+ }
144+ } else {
145+ setcookie (
146+ $ name
147+ $ value
148+ $ options'expires ' ],
149+ $ options'path ' ],
150+ $ options'domain ' ],
151+ $ options'secure ' ],
152+ $ options'httponly ' ]
153+ );
154+ }
103155 }
104156
105157 $ this data [$ name$ value
0 commit comments