oxutilsserver.php

00001 <?php
00002 
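/**
 * Server related helper: cookie handling, client address lookup and
 * access to $_SERVER values.
 *
 * Security-relevant behaviour visible in this class:
 *  - cookies are written without the Secure and HttpOnly attributes
 *    (see setOxCookie());
 *  - the client address may come from request headers that the client
 *    itself can set (see getRemoteAddress(), isTrustedClientIp());
 *  - the login cookie carries a crypt() hash of the user's password
 *    (see setUserCookie()).
 */
class oxUtilsServer extends oxSuperCfg
{
    /**
     * Cached singleton instance.
     *
     * @var oxUtilsServer
     */
    private static $_instance = null;

    /**
     * Per-shop cache of the login cookie value, keyed by shop id.
     * An empty string marks a cookie deleted during this request.
     *
     * @var array
     */
    protected $_aUserCookie = array();

    /**
     * Name of the session variable that holds cookies waiting to be
     * written in the other (SSL / non-SSL) mode.
     *
     * @var string
     */
    protected $_sSessionCookiesName = 'aSessionCookies';

    /**
     * Values of cookies restored from the session by loadSessionCookies(),
     * keyed by cookie name. Despite the "s" prefix this is an array.
     *
     * @var array
     */
    protected $_sSessionCookies = array();

    /**
     * Lazily computed result of _mustSaveToSession(); null until first use.
     *
     * @var bool|null
     */
    protected $_blSaveToSession = null;

    /**
     * Returns the shared oxUtilsServer instance, creating it on first use.
     *
     * When OXID_PHP_UNIT is defined the cached instance is replaced on
     * every call by whatever modInstances::getMod() returns, and a newly
     * created instance is registered with modInstances::addMod().
     *
     * @return oxUtilsServer
     */
    public static function getInstance()
    {
        $blUnitTest = defined( 'OXID_PHP_UNIT' );

        // disable caching for test modules
        if ( $blUnitTest ) {
            self::$_instance = modInstances::getMod( __CLASS__ );
        }

        if ( !( self::$_instance instanceof oxUtilsServer ) ) {
            self::$_instance = oxNew( 'oxUtilsServer' );
            if ( $blUnitTest ) {
                modInstances::addMod( __CLASS__, self::$_instance );
            }
        }

        return self::$_instance;
    }

    /**
     * Sends a cookie to the client and, if requested, also stores it in
     * the session for the other (SSL / non-SSL) mode.
     *
     * Path and domain are passed through _getCookiePath() and
     * _getCookieDomain(), so shop configuration can override them.
     *
     * NOTE(review): setcookie() is called with five arguments, so the
     * cookie is sent without the Secure and HttpOnly attributes. It can
     * therefore travel over plain HTTP and is readable from page scripts,
     * which includes the login cookie written by setUserCookie(). Turning
     * the attributes on here changes what non-SSL pages and front-end
     * scripts can see, so it has to be checked against the callers, which
     * are not part of this file.
     *
     * @param string $sName       cookie name
     * @param string $sValue      cookie value
     * @param int    $iExpire     expiry as unix timestamp, 0 for a session cookie
     * @param string $sPath       cookie path
     * @param string $sDomain     cookie domain
     * @param bool   $blToSession also store the cookie through _saveSessionCookie()
     *
     * @return bool|null result of setcookie(); null when OXID_PHP_UNIT is defined
     */
    public function setOxCookie( $sName, $sValue = "", $iExpire = 0, $sPath = '/', $sDomain = null, $blToSession = true )
    {
        if ( $blToSession ) {
            $this->_saveSessionCookie( $sName, $sValue, $iExpire, $sPath, $sDomain );
        }

        if ( defined( 'OXID_PHP_UNIT' ) ) {
            // do NOT set cookies in php unit.
            return;
        }

        $sCookiePath   = $this->_getCookiePath( $sPath );
        $sCookieDomain = $this->_getCookieDomain( $sDomain );

        return setcookie( $sName, $sValue, $iExpire, $sCookiePath, $sCookieDomain );
    }

    /**
     * Tells whether cookies must additionally be kept in the session.
     *
     * This is the case only when an SSL shop URL is configured, its host
     * differs from the host of the normal shop URL, and
     * oxUtils::extractDomain() returns different values for the two hosts.
     * The result is computed once and cached in $_blSaveToSession.
     *
     * @return bool
     */
    protected function _mustSaveToSession()
    {
        if ( $this->_blSaveToSession !== null ) {
            return $this->_blSaveToSession;
        }

        $this->_blSaveToSession = false;

        $myConfig = $this->getConfig();
        if ( $sSslUrl = $myConfig->getSslShopUrl() ) {
            $sHost    = parse_url( $myConfig->getShopUrl(), PHP_URL_HOST );
            $sSslHost = parse_url( $sSslUrl, PHP_URL_HOST );

            // hosts differ: compare what extractDomain() makes of them
            if ( $sHost != $sSslHost ) {
                $oUtils = oxUtils::getInstance();
                $this->_blSaveToSession = $oUtils->extractDomain( $sHost ) != $oUtils->extractDomain( $sSslHost );
            }
        }

        return $this->_blSaveToSession;
    }

    /**
     * Returns the session array key ('ssl' or 'nossl') for stored cookies.
     *
     * For reading ($blGet true) the key names the current mode; for
     * writing it names the opposite mode, because a cookie saved now is
     * meant to be picked up by a request made in the other mode.
     *
     * @param bool $blGet true when loading, false when saving
     *
     * @return string
     */
    protected function _getSessionCookieKey( $blGet )
    {
        $blSsl = $this->getConfig()->isSsl();

        if ( $blGet ) {
            return $blSsl ? 'ssl' : 'nossl';
        }

        return $blSsl ? 'nossl' : 'ssl';
    }

    /**
     * Stores cookie data in the session so that loadSessionCookies() can
     * write it later. Does nothing unless _mustSaveToSession() is true.
     *
     * @param string $sName   cookie name
     * @param string $sValue  cookie value
     * @param int    $iExpire expiry as unix timestamp
     * @param string $sPath   cookie path
     * @param string $sDomain cookie domain
     *
     * @return null
     */
    protected function _saveSessionCookie( $sName, $sValue, $iExpire, $sPath, $sDomain )
    {
        if ( !$this->_mustSaveToSession() ) {
            return;
        }

        $aSessionCookies = ( array ) oxSession::getVar( $this->_sSessionCookiesName );
        $sKey            = $this->_getSessionCookieKey( false );

        $aSessionCookies[$sKey][$sName] = array(
            'value'  => $sValue,
            'expire' => $iExpire,
            'path'   => $sPath,
            'domain' => $sDomain
        );

        oxSession::setVar( $this->_sSessionCookiesName, $aSessionCookies );
    }

    /**
     * Writes the cookies stored in the session for the current mode to
     * the client, remembers their values in $_sSessionCookies and removes
     * them from the session.
     *
     * @return null
     */
    public function loadSessionCookies()
    {
        $aSessionCookies = oxSession::getVar( $this->_sSessionCookiesName );
        if ( !$aSessionCookies ) {
            return;
        }

        $sKey = $this->_getSessionCookieKey( true );
        if ( !isset( $aSessionCookies[$sKey] ) ) {
            return;
        }

        // writing session data to cookies; the last argument is false so
        // the cookie is not stored in the session again
        foreach ( $aSessionCookies[$sKey] as $sName => $aCookieData ) {
            $this->setOxCookie( $sName, $aCookieData['value'], $aCookieData['expire'], $aCookieData['path'], $aCookieData['domain'], false );
            $this->_sSessionCookies[$sName] = $aCookieData['value'];
        }

        // cleanup
        unset( $aSessionCookies[$sKey] );
        oxSession::setVar( $this->_sSessionCookiesName, $aSessionCookies );
    }

    /**
     * Returns the cookie path to use.
     *
     * A configured "sCookiePath" wins; otherwise the entry for the active
     * shop in "aCookiePaths" is used when present; otherwise the given
     * path is kept. A falsy result becomes an empty string.
     *
     * @param string $sPath path requested by the caller
     *
     * @return string
     */
    protected function _getCookiePath( $sPath )
    {
        $myConfig = $this->getConfig();

        // possibility for users to define cookie path
        // @deprecated use "aCookiePaths" instead
        if ( $sCookiePath = $myConfig->getConfigParam( 'sCookiePath' ) ) {
            $sPath = $sCookiePath;
        } elseif ( $aCookiePaths = $myConfig->getConfigParam( 'aCookiePaths' ) ) {
            // in case user wants to have shop specific setup
            $sShopId = $myConfig->getShopId();
            if ( isset( $aCookiePaths[$sShopId] ) ) {
                $sPath = $aCookiePaths[$sShopId];
            }
        }

        // from php doc: .. You may also replace an argument with an empty string ("") in order to skip that argument..
        return $sPath ? $sPath : "";
    }

    /**
     * Returns the cookie domain to use.
     *
     * A domain given by the caller is kept. Otherwise a configured
     * "sCookieDomain" is used, then the entry for the active shop in
     * "aCookieDomains"; if none applies the result is an empty string.
     *
     * @param string $sDomain domain requested by the caller
     *
     * @return string
     */
    protected function _getCookieDomain( $sDomain )
    {
        if ( $sDomain ) {
            return $sDomain;
        }

        $sDomain  = "";
        $myConfig = $this->getConfig();

        // on special cases, like separate domain for SSL, cookies must be
        // defined on a domain specific path
        // @deprecated use "aCookieDomains" instead
        if ( $sCookieDomain = $myConfig->getConfigParam( 'sCookieDomain' ) ) {
            $sDomain = $sCookieDomain;
        } elseif ( $aCookieDomains = $myConfig->getConfigParam( 'aCookieDomains' ) ) {
            // in case user wants to have shop specific setup
            $sShopId = $myConfig->getShopId();
            if ( isset( $aCookieDomains[$sShopId] ) ) {
                $sDomain = $aCookieDomains[$sShopId];
            }
        }

        return $sDomain;
    }

    /**
     * Returns a cookie value, or all cookies when no name is given.
     *
     * A named cookie found in $_COOKIE is passed through
     * oxConfig::checkSpecialChars() (not shown in this file). A named
     * cookie missing from $_COOKIE is looked up in the values restored by
     * loadSessionCookies(). Without a name the raw $_COOKIE array is
     * returned, so those values are NOT passed through checkSpecialChars()
     * and callers have to treat them as untrusted input.
     *
     * @param string $sName cookie name; a falsy value requests all cookies
     *
     * @return mixed cookie value, the $_COOKIE array, or null
     */
    public function getOxCookie( $sName = null )
    {
        if ( !$sName ) {
            return isset( $_COOKIE ) ? $_COOKIE : null;
        }

        if ( isset( $_COOKIE[$sName] ) ) {
            return oxConfig::checkSpecialChars( $_COOKIE[$sName] );
        }

        return isset( $this->_sSessionCookies[$sName] ) ? $this->_sSessionCookies[$sName] : null;
    }

    /**
     * Returns the address of the client.
     *
     * Order of preference: the first entry of X-Forwarded-For, then
     * Client-IP, then REMOTE_ADDR. A header value is used only if it is a
     * syntactically valid IP address; anything else falls back to
     * REMOTE_ADDR, so arbitrary header text is never returned as an
     * "address".
     *
     * NOTE(review): both headers are sent by the client unless a proxy in
     * front of the shop overwrites them, so the returned value is not
     * proof of origin. Access decisions such as isTrustedClientIp() are
     * only as reliable as that proxy setup.
     *
     * @return string|null address, or null if REMOTE_ADDR is not set either
     */
    public function getRemoteAddress()
    {
        $sRemoteAddr = isset( $_SERVER["REMOTE_ADDR"] ) ? $_SERVER["REMOTE_ADDR"] : null;

        if ( isset( $_SERVER["HTTP_X_FORWARDED_FOR"] ) ) {
            // a proxy chain is reported as a comma separated list; keep the first entry
            $sIP = preg_replace( '/,.*$/', '', $_SERVER["HTTP_X_FORWARDED_FOR"] );
        } elseif ( isset( $_SERVER["HTTP_CLIENT_IP"] ) ) {
            $sIP = $_SERVER["HTTP_CLIENT_IP"];
        } else {
            return $sRemoteAddr;
        }

        $sIP = trim( (string) $sIP );
        if ( filter_var( $sIP, FILTER_VALIDATE_IP ) === false ) {
            // header did not contain an IP address; use the socket peer instead
            return $sRemoteAddr;
        }

        return $sIP;
    }

    /**
     * Returns a $_SERVER entry, or the whole $_SERVER array when no name
     * is given.
     *
     * @param string $sServVar name of the entry; a falsy value requests the array
     *
     * @return mixed the value, the $_SERVER array, or null when not available
     */
    public function getServerVar( $sServVar = null )
    {
        if ( !isset( $_SERVER ) ) {
            return null;
        }

        if ( !$sServVar ) {
            return $_SERVER;
        }

        return isset( $_SERVER[$sServVar] ) ? $_SERVER[$sServVar] : null;
    }

    /**
     * Sets the login cookie "oxid_<shop id>" with the value
     * "<user>@@@<crypt hash of the password>".
     *
     * NOTE(review): crypt() with the fixed two-character salt 'ox' selects
     * the traditional DES scheme. The salt is the same for every user and
     * only the first eight characters of the password influence the hash.
     * The value stays on the client for $iTimeout seconds (one year by
     * default) and is sent without Secure/HttpOnly, so whoever obtains the
     * cookie can attack the password offline. Replacing it with a random
     * token kept server-side requires a matching change in the code that
     * verifies this cookie, which is not part of this file; the format is
     * therefore left as it is.
     *
     * @param string $sUser     user name
     * @param string $sPassword password
     * @param string $sShopId   shop id, defaults to the active shop
     * @param int    $iTimeout  cookie lifetime in seconds
     *
     * @return null
     */
    public function setUserCookie( $sUser, $sPassword,  $sShopId = null, $iTimeout = 31536000 )
    {
        if ( !$sShopId ) {
            $sShopId = $this->getConfig()->getShopId();
        }

        $sCookieValue = $sUser . '@@@' . crypt( $sPassword, 'ox' );
        $iExpire      = oxUtilsDate::getInstance()->getTime() + $iTimeout;

        $this->_aUserCookie[$sShopId] = $sCookieValue;
        $this->setOxCookie( 'oxid_' . $sShopId, $sCookieValue, $iExpire, '/' );
    }

    /**
     * Deletes the login cookie by sending it with an empty value and an
     * expiry one hour in the past; the cached value becomes an empty
     * string so getUserCookie() reports it as deleted.
     *
     * @param string $sShopId shop id, defaults to the active shop
     *
     * @return null
     */
    public function deleteUserCookie( $sShopId = null )
    {
        if ( !$sShopId ) {
            $sShopId = $this->getConfig()->getShopId();
        }

        $this->_aUserCookie[$sShopId] = '';
        $this->setOxCookie( 'oxid_' . $sShopId, '', oxUtilsDate::getInstance()->getTime() - 3600, '/' );
    }

    /**
     * Returns the login cookie value for a shop, or null if there is none
     * or it was deleted during this request.
     *
     * The value is read through getOxCookie() once and cached per shop id.
     *
     * @param string $sShopId shop id, defaults to the active shop
     *
     * @return string|null
     */
    public function getUserCookie( $sShopId = null )
    {
        if ( !$sShopId ) {
            // same accessor as setUserCookie()/deleteUserCookie()
            $sShopId = $this->getConfig()->getShopId();
        }

        // isset() instead of "!== null" on the element: same outcome,
        // but no undefined-index notice on the first call for a shop
        if ( isset( $this->_aUserCookie[$sShopId] ) ) {
            if ( !$this->_aUserCookie[$sShopId] ) {
                // cookie has been deleted
                return null;
            }
            return $this->_aUserCookie[$sShopId];
        }

        return $this->_aUserCookie[$sShopId] = $this->getOxCookie( 'oxid_' . $sShopId );
    }

    /**
     * Tells whether the client address is listed in the "aTrustedIPs"
     * configuration parameter.
     *
     * The comparison is strict, so a missing address can never match an
     * empty or non-string list entry.
     *
     * NOTE(review): the address comes from getRemoteAddress(), which
     * prefers the X-Forwarded-For and Client-IP request headers. Unless a
     * proxy in front of the shop strips or overwrites those headers, a
     * client can claim any listed address. Do not rely on this check as
     * the only protection for a sensitive function without confirming
     * that setup.
     *
     * @return bool
     */
    public function isTrustedClientIp()
    {
        $aTrustedIPs = ( array ) $this->getConfig()->getConfigParam( "aTrustedIPs" );
        if ( !count( $aTrustedIPs ) ) {
            return false;
        }

        $sClientIp = $this->getRemoteAddress();
        if ( !is_string( $sClientIp ) || $sClientIp === '' ) {
            return false;
        }

        return in_array( $sClientIp, $aTrustedIPs, true );
    }

    /**
     * Removes the "MSIE <version>" token from a user agent string.
     *
     * The pattern drops "MSIE", an optional whitespace character, the
     * following run of non-whitespace characters and one whitespace
     * character after it. A falsy argument is returned unchanged.
     *
     * @param string $sAgent user agent string
     *
     * @return string
     */
    public function processUserAgentInfo( $sAgent )
    {
        if ( !$sAgent ) {
            return $sAgent;
        }

        return getStr()->preg_replace( "/MSIE(\s)?(\S)*(\s)/", "", (string) $sAgent );
    }
}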