oxutilsserver.php

Go to the documentation of this file.
00001 <?php
00002 
00006 class oxUtilsServer extends oxSuperCfg
00007 {
00013     private static $_instance = null;
00014 
00020     protected $_aUserCookie = array();
00021 
00027     protected $_sSessionCookiesName = 'aSessionCookies';
00028 
00034     protected $_sSessionCookies = array();
00035 
00041     public static function getInstance()
00042     {
00043         // disable caching for test modules
00044         if ( defined( 'OXID_PHP_UNIT' ) ) {
00045             self::$_instance = modInstances::getMod( __CLASS__ );
00046         }
00047 
00048         if ( !self::$_instance instanceof oxUtilsServer ) {
00049             self::$_instance = oxNew( 'oxUtilsServer');
00050             if ( defined( 'OXID_PHP_UNIT' ) ) {
00051                 modInstances::addMod( __CLASS__, self::$_instance);
00052             }
00053         }
00054         return self::$_instance;
00055     }
00056 
00069     public function setOxCookie( $sName, $sValue = "", $iExpire = 0, $sPath = '/', $sDomain = null, $blToSession = true )
00070     {
00071         //TODO: since setcookie takes more than just 4 params..
00072         // would be nice to have it sending through https only, if in https mode
00073         // or allowing only http access to cookie [no JS access - reduces XSS attack possibility]
00074         // ref: http://lt.php.net/manual/en/function.setcookie.php
00075 
00076         if ( $blToSession && !$this->isAdmin() ) {
00077            $this->_saveSessionCookie( $sName, $sValue, $iExpire, $sPath, $sDomain );
00078         }
00079 
00080         if ( defined('OXID_PHP_UNIT')) {
00081             // do NOT set cookies in php unit.
00082             return;
00083         }
00084 
00085         return setcookie(
00086             $sName,
00087             $sValue,
00088             $iExpire,
00089             $this->_getCookiePath( $sPath ),
00090             $this->_getCookieDomain( $sDomain ),
00091             oxConfig::getInstance()->isSsl(),
00092             true
00093         );
00094     }
00095 
00096     protected $_blSaveToSession = null;
00097 
00103     protected function _mustSaveToSession()
00104     {
00105         if ( $this->_blSaveToSession === null ) {
00106             $this->_blSaveToSession = false;
00107 
00108             $myConfig = $this->getConfig();
00109             if ( $sSslUrl = $myConfig->getSslShopUrl() ) {
00110                 $sUrl  = $myConfig->getShopUrl();
00111 
00112                 $sHost    = parse_url( $sUrl, PHP_URL_HOST );
00113                 $sSslHost = parse_url( $sSslUrl, PHP_URL_HOST );
00114 
00115                 // testing if domains matches..
00116                 if ( $sHost != $sSslHost ) {
00117                     $oUtils = oxUtils::getInstance();
00118                     $this->_blSaveToSession = $oUtils->extractDomain( $sHost ) != $oUtils->extractDomain( $sSslHost );
00119                 }
00120             }
00121         }
00122 
00123         return $this->_blSaveToSession;
00124     }
00125 
00133     protected function _getSessionCookieKey( $blGet )
00134     {
00135         $blSsl = $this->getConfig()->isSsl();
00136         $sKey  = $blSsl ? 'nossl' : 'ssl';
00137 
00138         if ( $blGet ) {
00139             $sKey = $blSsl ? 'ssl' : 'nossl';
00140         }
00141 
00142         return $sKey;
00143     }
00144 
00156     protected function _saveSessionCookie( $sName, $sValue, $iExpire, $sPath, $sDomain )
00157     {
00158         if ( $this->_mustSaveToSession() ) {
00159             $aCookieData = array( 'value' => $sValue, 'expire' => $iExpire, 'path' => $sPath, 'domain' => $sDomain );
00160 
00161             $aSessionCookies = ( array ) oxSession::getVar( $this->_sSessionCookiesName );
00162             $aSessionCookies[$this->_getSessionCookieKey( false )][$sName] = $aCookieData;
00163 
00164             oxSession::setVar( $this->_sSessionCookiesName, $aSessionCookies );
00165         }
00166     }
00167 
00173     public function loadSessionCookies()
00174     {
00175         if ( ( $aSessionCookies = oxSession::getVar( $this->_sSessionCookiesName ) ) ) {
00176             $sKey = $this->_getSessionCookieKey( true );
00177             if ( isset( $aSessionCookies[$sKey] ) ) {
00178                 // writing session data to cookies
00179                 foreach ( $aSessionCookies[$sKey] as $sName => $aCookieData ) {
00180                     $this->setOxCookie( $sName, $aCookieData['value'], $aCookieData['expire'], $aCookieData['path'], $aCookieData['domain'], false );
00181                     $this->_sSessionCookies[$sName] = $aCookieData['value'];
00182                 }
00183 
00184                 // cleanup
00185                 unset( $aSessionCookies[$sKey] );
00186                 oxSession::setVar( $this->_sSessionCookiesName, $aSessionCookies );
00187             }
00188         }
00189     }
00190 
00201     protected function _getCookiePath( $sPath )
00202     {
00203         // possibility for users to define cookie path
00204         // @deprecated use "aCookiePaths" instead
00205         if ( $sCookiePath = $this->getConfig()->getConfigParam( 'sCookiePath' ) ) {
00206             $sPath = $sCookiePath;
00207         } elseif ( $aCookiePaths = $this->getConfig()->getConfigParam( 'aCookiePaths' ) ) {
00208             // in case user wants to have shop specific setup
00209             $sShopId = $this->getConfig()->getShopId();
00210             $sPath = isset( $aCookiePaths[$sShopId] ) ? $aCookiePaths[$sShopId] : $sPath;
00211         }
00212 
00213         // from php doc: .. You may also replace an argument with an empty string ("") in order to skip that argument..
00214         return $sPath ? $sPath : "";
00215     }
00216 
00227     protected function _getCookieDomain( $sDomain )
00228     {
00229         $sDomain = $sDomain ? $sDomain : "";
00230 
00231         // on special cases, like separate domain for SSL, cookies must be defined on domain specific path
00232         // please have a look at
00233         if ( !$sDomain ) {
00234             // @deprecated use "aCookieDomains" instead
00235             if ( $sCookieDomain = $this->getConfig()->getConfigParam( 'sCookieDomain' ) ) {
00236                 $sDomain = $sCookieDomain;
00237             } elseif ( $aCookieDomains = $this->getConfig()->getConfigParam( 'aCookieDomains' ) ) {
00238                 // in case user wants to have shop specific setup
00239                 $sShopId = $this->getConfig()->getShopId();
00240                 $sDomain = isset( $aCookieDomains[$sShopId] ) ? $aCookieDomains[$sShopId] : $sDomain;
00241             }
00242         }
00243         return $sDomain;
00244     }
00245 
00254     public function getOxCookie( $sName = null )
00255     {
00256         $sValue = null;
00257         if ( $sName && isset( $_COOKIE[$sName] ) ) {
00258             $sValue = oxConfig::checkSpecialChars($_COOKIE[$sName]);
00259         } elseif ( $sName && !isset( $_COOKIE[$sName] ) ) {
00260             $sValue = isset( $this->_sSessionCookies[$sName] ) ? $this->_sSessionCookies[$sName] : null;
00261         } elseif ( !$sName && isset( $_COOKIE ) ) {
00262             $sValue = $_COOKIE;
00263         }
00264         return $sValue;
00265     }
00266 
00272     public function getRemoteAddress()
00273     {
00274         if ( isset( $_SERVER["HTTP_X_FORWARDED_FOR"] ) ) {
00275             $sIP = $_SERVER["HTTP_X_FORWARDED_FOR"];
00276             $sIP = preg_replace('/,.*$/', '', $sIP);
00277         } elseif ( isset( $_SERVER["HTTP_CLIENT_IP"] ) ) {
00278             $sIP = $_SERVER["HTTP_CLIENT_IP"];
00279         } else {
00280             $sIP = $_SERVER["REMOTE_ADDR"];
00281         }
00282         return $sIP;
00283     }
00284 
00292     public function getServerVar( $sServVar = null )
00293     {
00294         $sValue = null;
00295         if ( isset( $_SERVER ) ) {
00296             if ( $sServVar && isset( $_SERVER[$sServVar] ) ) {
00297                 $sValue = $_SERVER[$sServVar];
00298             } elseif ( !$sServVar ) {
00299                 $sValue = $_SERVER;
00300             }
00301         }
00302         return $sValue;
00303     }
00304 
00315     public function setUserCookie( $sUser, $sPassword,  $sShopId = null, $iTimeout = 31536000 )
00316     {
00317         $sShopId = ( !$sShopId ) ? $this->getConfig()->getShopId() : $sShopId;
00318         $this->_aUserCookie[$sShopId] = $sUser . '@@@' . crypt( $sPassword, 'ox' );
00319         $this->setOxCookie( 'oxid_' . $sShopId, $this->_aUserCookie[$sShopId], oxUtilsDate::getInstance()->getTime() + $iTimeout, '/' );
00320     }
00321 
00329     public function deleteUserCookie( $sShopId = null )
00330     {
00331         $sShopId = ( !$sShopId ) ? $this->getConfig()->getShopId() : $sShopId;
00332         $this->_aUserCookie[$sShopId] = '';
00333         $this->setOxCookie( 'oxid_'.$sShopId, '', oxUtilsDate::getInstance()->getTime() - 3600, '/' );
00334     }
00335 
00343     public function getUserCookie( $sShopId = null )
00344     {
00345         $sShopId = ( !$sShopId ) ? parent::getConfig()->getShopID() : $sShopId;
00346         if ( $this->_aUserCookie[$sShopId] !== null ) {
00347             if ( !$this->_aUserCookie[$sShopId] ) {
00348                 // cookie has been deleted
00349                 return null;
00350             }
00351             return $this->_aUserCookie[$sShopId];
00352         }
00353 
00354         return $this->_aUserCookie[$sShopId] = $this->getOxCookie( 'oxid_'.$sShopId );
00355     }
00356 
00363     public function isTrustedClientIp()
00364     {
00365         $blTrusted = false;
00366         $aTrustedIPs = ( array ) $this->getConfig()->getConfigParam( "aTrustedIPs" );
00367         if ( count( $aTrustedIPs ) ) {
00368             $blTrusted = in_array( $this->getRemoteAddress(), $aTrustedIPs );
00369         }
00370 
00371         return $blTrusted;
00372     }
00373 
00381     public function processUserAgentInfo( $sAgent )
00382     {
00383         if ( $sAgent ) {
00384             $sAgent = getStr()->preg_replace( "/MSIE(\s)?(\S)*(\s)/", "", (string) $sAgent );
00385         }
00386         return $sAgent;
00387     }
00388 }