oxutilsserver.php

00001 <?php
00002 
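/**
 * Server side helper: cookie handling, access to request/server variables
 * and client address detection.
 *
 * Values read from $_COOKIE and from the forwarding headers in $_SERVER are
 * supplied by the client and must be treated as untrusted by callers.
 */
class oxUtilsServer extends oxSuperCfg
{
    /**
     * Shared instance returned by getInstance().
     *
     * @var oxUtilsServer
     */
    private static $_instance = null;

    /**
     * Per-shop cache of the user cookie value, keyed by shop id.
     *
     * @var array
     */
    protected $_aUserCookie = array();

    /**
     * Name of the session variable that holds cookies waiting to be replayed.
     *
     * @var string
     */
    protected $_sSessionCookiesName = 'aSessionCookies';

    /**
     * Cookie values restored from the session by loadSessionCookies(),
     * keyed by cookie name.
     *
     * @var array
     */
    protected $_sSessionCookies = array();

    /**
     * Cached result of _mustSaveToSession(); null until first evaluated.
     *
     * @var bool
     */
    protected $_blSaveToSession = null;

    /**
     * Returns the shared oxUtilsServer instance, creating it on first use.
     *
     * When OXID_PHP_UNIT is defined the instance is looked up through
     * modInstances on every call instead of relying on the static cache.
     *
     * @return oxUtilsServer
     */
    public static function getInstance()
    {
        $blUnitTest = defined( 'OXID_PHP_UNIT' );

        // disable caching for test modules
        if ( $blUnitTest ) {
            self::$_instance = modInstances::getMod( __CLASS__ );
        }

        if ( !( self::$_instance instanceof oxUtilsServer ) ) {
            self::$_instance = oxNew( 'oxUtilsServer' );
            if ( $blUnitTest ) {
                modInstances::addMod( __CLASS__, self::$_instance );
            }
        }

        return self::$_instance;
    }

    /**
     * Sends a cookie to the client and, for non-admin requests, optionally
     * queues it in the session so it can be replayed later.
     *
     * The cookie is always sent with the HttpOnly attribute. The Secure
     * attribute is set only when the caller passes $blSecure = true, so a
     * cookie that must never travel over plain HTTP has to request it
     * explicitly.
     *
     * @param string $sName       cookie name
     * @param string $sValue      cookie value
     * @param int    $iExpire     expiry timestamp, 0 for a session cookie
     * @param string $sPath       cookie path (may be overridden by shop config)
     * @param string $sDomain     cookie domain (filled from shop config if empty)
     * @param bool   $blToSession whether the cookie may also be queued in the session
     * @param bool   $blSecure    whether to set the Secure attribute
     *
     * @return bool|null result of setcookie(); null when running under OXID_PHP_UNIT
     */
    public function setOxCookie( $sName, $sValue = "", $iExpire = 0, $sPath = '/', $sDomain = null, $blToSession = true, $blSecure = false )
    {
        if ( $blToSession && !$this->isAdmin() ) {
            $this->_saveSessionCookie( $sName, $sValue, $iExpire, $sPath, $sDomain );
        }

        if ( defined( 'OXID_PHP_UNIT' ) ) {
            // do NOT set cookies in php unit.
            return;
        }

        $sCookiePath   = $this->_getCookiePath( $sPath );
        $sCookieDomain = $this->_getCookieDomain( $sDomain );

        // last argument: HttpOnly, keeps the cookie out of reach of page scripts
        return setcookie( $sName, $sValue, $iExpire, $sCookiePath, $sCookieDomain, $blSecure, true );
    }

    /**
     * Tells whether cookies have to be queued in the session, which is the
     * case when the shop URL and the SSL shop URL resolve to different
     * domains. The result is computed once and cached.
     *
     * @return bool
     */
    protected function _mustSaveToSession()
    {
        if ( $this->_blSaveToSession !== null ) {
            return $this->_blSaveToSession;
        }

        $this->_blSaveToSession = false;

        $myConfig = $this->getConfig();
        $sSslUrl  = $myConfig->getSslShopUrl();
        if ( $sSslUrl ) {
            $sHost    = parse_url( $myConfig->getShopUrl(), PHP_URL_HOST );
            $sSslHost = parse_url( $sSslUrl, PHP_URL_HOST );

            // testing if domains match; hosts may differ while the domain is shared
            if ( $sHost != $sSslHost ) {
                $oUtils = oxUtils::getInstance();
                $this->_blSaveToSession = $oUtils->extractDomain( $sHost ) != $oUtils->extractDomain( $sSslHost );
            }
        }

        return $this->_blSaveToSession;
    }

    /**
     * Returns the session bucket key ('ssl' or 'nossl') for queued cookies.
     *
     * When reading, the key names the current connection type; when writing,
     * it names the opposite one, so cookies set in one mode are picked up
     * after switching to the other.
     *
     * @param bool $blGet true when reading queued cookies, false when storing
     *
     * @return string
     */
    protected function _getSessionCookieKey( $blGet )
    {
        $blSsl = $this->getConfig()->isSsl();

        if ( $blGet ) {
            return $blSsl ? 'ssl' : 'nossl';
        }

        return $blSsl ? 'nossl' : 'ssl';
    }

    /**
     * Queues cookie data in the session if _mustSaveToSession() requires it.
     *
     * NOTE(review): the Secure flag is not part of the stored data, so a
     * cookie replayed by loadSessionCookies() is always sent without the
     * Secure attribute, even if it was originally set with it.
     *
     * @param string $sName   cookie name
     * @param string $sValue  cookie value
     * @param int    $iExpire expiry timestamp
     * @param string $sPath   cookie path
     * @param string $sDomain cookie domain
     *
     * @return null
     */
    protected function _saveSessionCookie( $sName, $sValue, $iExpire, $sPath, $sDomain )
    {
        if ( !$this->_mustSaveToSession() ) {
            return;
        }

        $aSessionCookies = ( array ) oxSession::getVar( $this->_sSessionCookiesName );
        $aSessionCookies[$this->_getSessionCookieKey( false )][$sName] = array(
            'value'  => $sValue,
            'expire' => $iExpire,
            'path'   => $sPath,
            'domain' => $sDomain
        );

        oxSession::setVar( $this->_sSessionCookiesName, $aSessionCookies );
    }

    /**
     * Replays cookies queued in the session for the current connection type
     * and removes them from the queue afterwards.
     *
     * Replayed cookies are sent through setOxCookie() with its default
     * $blSecure (false) and are not queued again.
     *
     * @return null
     */
    public function loadSessionCookies()
    {
        $aSessionCookies = oxSession::getVar( $this->_sSessionCookiesName );
        if ( !$aSessionCookies ) {
            return;
        }

        $sKey = $this->_getSessionCookieKey( true );
        if ( !isset( $aSessionCookies[$sKey] ) ) {
            return;
        }

        // writing session data to cookies
        foreach ( $aSessionCookies[$sKey] as $sName => $aCookieData ) {
            $this->setOxCookie( $sName, $aCookieData['value'], $aCookieData['expire'], $aCookieData['path'], $aCookieData['domain'], false );
            $this->_sSessionCookies[$sName] = $aCookieData['value'];
        }

        // cleanup
        unset( $aSessionCookies[$sKey] );
        oxSession::setVar( $this->_sSessionCookiesName, $aSessionCookies );
    }

    /**
     * Resolves the cookie path: config param "sCookiePath" wins, then the
     * shop specific entry of "aCookiePaths", then the given path.
     *
     * @param string $sPath path requested by the caller
     *
     * @return string resolved path, "" when none applies
     */
    protected function _getCookiePath( $sPath )
    {
        $myConfig = $this->getConfig();

        // possibility for users to define cookie path
        // @deprecated use "aCookiePaths" instead
        if ( $sCookiePath = $myConfig->getConfigParam( 'sCookiePath' ) ) {
            $sPath = $sCookiePath;
        } elseif ( $aCookiePaths = $myConfig->getConfigParam( 'aCookiePaths' ) ) {
            // in case user wants to have shop specific setup
            $sShopId = $myConfig->getShopId();
            if ( isset( $aCookiePaths[$sShopId] ) ) {
                $sPath = $aCookiePaths[$sShopId];
            }
        }

        // from php doc: .. You may also replace an argument with an empty string ("") in order to skip that argument..
        return $sPath ? $sPath : "";
    }

    /**
     * Resolves the cookie domain. An explicitly given domain is kept;
     * otherwise config param "sCookieDomain" is used, then the shop specific
     * entry of "aCookieDomains".
     *
     * @param string $sDomain domain requested by the caller
     *
     * @return string resolved domain, "" when none applies
     */
    protected function _getCookieDomain( $sDomain )
    {
        if ( $sDomain ) {
            return $sDomain;
        }

        $sDomain  = "";
        $myConfig = $this->getConfig();

        // on special cases, like separate domain for SSL, cookies must be defined on domain specific path
        // @deprecated use "aCookieDomains" instead
        if ( $sCookieDomain = $myConfig->getConfigParam( 'sCookieDomain' ) ) {
            $sDomain = $sCookieDomain;
        } elseif ( $aCookieDomains = $myConfig->getConfigParam( 'aCookieDomains' ) ) {
            // in case user wants to have shop specific setup
            $sShopId = $myConfig->getShopId();
            if ( isset( $aCookieDomains[$sShopId] ) ) {
                $sDomain = $aCookieDomains[$sShopId];
            }
        }

        return $sDomain;
    }

    /**
     * Returns a cookie value.
     *
     * With a name: the request cookie passed through
     * oxConfig::checkSpecialChars(), or, if the request has no such cookie,
     * the value restored by loadSessionCookies(), or null.
     * Without a name: the complete $_COOKIE array, returned as received and
     * NOT passed through checkSpecialChars().
     *
     * @param string $sName cookie name, null for all cookies
     *
     * @return mixed
     */
    public function getOxCookie( $sName = null )
    {
        if ( !$sName ) {
            return isset( $_COOKIE ) ? $_COOKIE : null;
        }

        if ( isset( $_COOKIE[$sName] ) ) {
            return oxConfig::checkSpecialChars( $_COOKIE[$sName] );
        }

        return isset( $this->_sSessionCookies[$sName] ) ? $this->_sSessionCookies[$sName] : null;
    }

    /**
     * Returns the client address.
     *
     * Lookup order: first entry of X-Forwarded-For, then Client-IP, then
     * REMOTE_ADDR. A header value is used only if it is a syntactically
     * valid IP address; anything else is skipped so that arbitrary header
     * text never reaches callers as an "address".
     *
     * NOTE(review): both headers are set by the client unless a reverse
     * proxy in front of the shop overwrites them. Validation here checks the
     * format only, not the origin, so the result is not suitable for access
     * decisions unless the deployment guarantees those headers.
     *
     * @return string|null address, null when none is available
     */
    public function getRemoteAddress()
    {
        foreach ( array( 'HTTP_X_FORWARDED_FOR', 'HTTP_CLIENT_IP' ) as $sHeader ) {
            if ( !isset( $_SERVER[$sHeader] ) ) {
                continue;
            }

            // a forwarding chain is comma separated, only the first entry is considered
            $aParts     = explode( ',', (string) $_SERVER[$sHeader] );
            $sCandidate = trim( $aParts[0] );

            if ( filter_var( $sCandidate, FILTER_VALIDATE_IP ) !== false ) {
                return $sCandidate;
            }
        }

        // REMOTE_ADDR is absent e.g. when running from the command line
        return isset( $_SERVER['REMOTE_ADDR'] ) ? $_SERVER['REMOTE_ADDR'] : null;
    }

    /**
     * Returns a single $_SERVER entry, or the whole $_SERVER array when no
     * name is given. Values are returned as received, without escaping.
     *
     * @param string $sServVar name of the server variable, null for all
     *
     * @return mixed value, null if the variable is not set
     */
    public function getServerVar( $sServVar = null )
    {
        if ( !isset( $_SERVER ) ) {
            return null;
        }

        if ( !$sServVar ) {
            return $_SERVER;
        }

        return isset( $_SERVER[$sServVar] ) ? $_SERVER[$sServVar] : null;
    }

    /**
     * Tells whether the configured SSL shop URL uses the https scheme.
     * Used to decide whether the user cookie gets the Secure attribute.
     *
     * @return bool
     */
    protected function _hasHttpsShopUrl()
    {
        return stripos( (string) $this->getConfig()->getSslShopUrl(), 'https' ) === 0;
    }

    /**
     * Sets the user cookie ("oxid_<shopid>") and the auto login marker
     * cookie ("oxid_<shopid>_autologin").
     *
     * The user cookie gets the Secure attribute when an https shop URL is
     * configured. The marker cookie is deliberately sent without it, because
     * getUserCookie() reads it on non-SSL requests to trigger the redirect.
     *
     * NOTE(review): the cookie value is "<user>@@@" . crypt( $sPassword, $sSalt ).
     * With the default two character salt crypt() uses the traditional DES
     * scheme, which is weak and evaluates only the first eight characters of
     * its input, and the result is stored on the client. Replacing it needs
     * a matching change wherever this cookie is verified, which is outside
     * this class.
     *
     * @param string $sUser     user name
     * @param string $sPassword password value to derive the cookie from
     * @param string $sShopId   shop id, active shop if empty
     * @param int    $iTimeout  cookie lifetime in seconds
     * @param string $sSalt     salt passed to crypt()
     *
     * @return null
     */
    public function setUserCookie( $sUser, $sPassword,  $sShopId = null, $iTimeout = 31536000, $sSalt = 'ox' )
    {
        if ( !$sShopId ) {
            $sShopId = $this->getConfig()->getShopId();
        }
        $blSsl   = $this->_hasHttpsShopUrl();
        $iExpire = oxUtilsDate::getInstance()->getTime() + $iTimeout;

        $this->_aUserCookie[$sShopId] = $sUser . '@@@' . crypt( $sPassword, $sSalt );
        $this->setOxCookie( 'oxid_' . $sShopId, $this->_aUserCookie[$sShopId], $iExpire, '/', null, true, $blSsl );
        $this->setOxCookie( 'oxid_' . $sShopId . '_autologin', '1', $iExpire, '/', null, true, false );
    }

    /**
     * Expires the user cookie and the auto login marker cookie and clears
     * the cached user cookie value.
     *
     * @param string $sShopId shop id, active shop if empty
     *
     * @return null
     */
    public function deleteUserCookie( $sShopId = null )
    {
        if ( !$sShopId ) {
            $sShopId = $this->getConfig()->getShopId();
        }
        $blSsl   = $this->_hasHttpsShopUrl();
        $iExpire = oxUtilsDate::getInstance()->getTime() - 3600;

        $this->_aUserCookie[$sShopId] = '';
        $this->setOxCookie( 'oxid_' . $sShopId, '', $iExpire, '/', null, true, $blSsl );
        $this->setOxCookie( 'oxid_' . $sShopId . '_autologin', '0', $iExpire, '/', null, true, false );
    }

    /**
     * Returns the user cookie value for the given shop.
     *
     * On a non-SSL request with the auto login marker set, the client is
     * first redirected to the https shop URL (if one is configured), where
     * the Secure user cookie is available.
     *
     * @param string $sShopId shop id, active shop if empty
     *
     * @return string|null cookie value, null if not set
     */
    public function getUserCookie( $sShopId = null )
    {
        // same config accessor as the rest of the class, so overrides are honoured
        $myConfig = $this->getConfig();
        if ( !$sShopId ) {
            $sShopId = $myConfig->getShopId();
        }

        // check for SSL connection
        if ( !$myConfig->isSsl() && $this->getOxCookie( 'oxid_' . $sShopId . '_autologin' ) == '1' ) {
            if ( $this->_hasHttpsShopUrl() ) {
                oxUtils::getInstance()->redirect( $myConfig->getSslShopUrl(), true, 302 );
            }
        }

        // cached value; an empty string (set by deleteUserCookie) reads as "no cookie"
        if ( isset( $this->_aUserCookie[$sShopId] ) ) {
            return $this->_aUserCookie[$sShopId] ? $this->_aUserCookie[$sShopId] : null;
        }

        return $this->_aUserCookie[$sShopId] = $this->getOxCookie( 'oxid_' . $sShopId );
    }

    /**
     * Checks whether the client address is listed in config param
     * "aTrustedIPs". Entries are compared as exact strings.
     *
     * NOTE(review): the address comes from getRemoteAddress(), which prefers
     * the X-Forwarded-For and Client-IP request headers over REMOTE_ADDR.
     * Unless a reverse proxy overwrites those headers, the client chooses
     * the value being checked here, so this result should not be the only
     * basis for relaxing a security check.
     *
     * @return bool
     */
    public function isTrustedClientIp()
    {
        $aTrustedIPs = ( array ) $this->getConfig()->getConfigParam( "aTrustedIPs" );
        if ( !count( $aTrustedIPs ) ) {
            return false;
        }

        // strict comparison: no numeric-string juggling between address and list entries
        return in_array( $this->getRemoteAddress(), $aTrustedIPs, true );
    }

    /**
     * Removes the "MSIE <version> " token from a user agent string, so the
     * result does not vary with that token.
     *
     * @param string $sAgent user agent string
     *
     * @return string processed user agent; empty input is returned unchanged
     */
    public function processUserAgentInfo( $sAgent )
    {
        if ( !$sAgent ) {
            return $sAgent;
        }

        return getStr()->preg_replace( "/MSIE(\s)?(\S)*(\s)/", "", (string) $sAgent );
    }
}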