Source Code Index
<?php
 
/* COOKIES - a cookie API that is simply to reduce some redundancy
 
The following functions are defined:
 
	cookie_set($name, $value)
	cookie_get($name)
	cookie_unset($name)
	cookie_encode($data)
	cookie_decode($edata, $data)
	cookie_serialize($data)
	cookie_unserialize($data)
 
These are optional arguments to some of those functions. See file SECURITY for 
more information.
 
There are two defines here, a (hopefully) unique prefix for the cookies, and a 
salt for encrypting a data cookie.
 
*/
 
define('COOKIE_BASE',"this_");
if (defined('SALT3'))				// not defined = not set-up
define('COOKIE_SALT',SALT3);
else
define('COOKIE_SALT','randomchars');
define('COOKIE_EXP',60*60*24*30);		// 30 days
define('COOKIE_ROOT','/');
 
 
/* cookie_serialize - serialize some data for a cookie */
 
function cookie_serialize($data) {
 
	$data = serialize($data);
	$data = rtrim(base64_encode($data),'=');
	return $data;
}
 
/* cookie_unserialize - get data back from cookie */
 
function cookie_unserialize($data) {
 
	$data .= '==';
	$data = base64_decode($data);
	return unserialize($data);
}
 
/* cookie_encode - this is for creating an encrypted "data" cookie */
 
// similar to a message authenticity check (MAC) (we think)
//
// usage:
//
// 	$c = cookie_encode($userid,$_SERVER['REMOTE_ADDR']);
//	cookie_set('userdat',$c);
 
function cookie_encode($data, $pad = '') {
 
	$key = COOKIE_SALT;
 
	$c = md5($data.$pad.$key,TRUE);
	$c = rtrim(base64_encode($c),'=');	// slight obscurity
 
	return $c;
}
 
/* cookie_decode - check the encrypted "data" cookie */
 
// usage:
//
// 	$c = cookie_get('userdat');
//	$c = cookie_decode($c,$userid,$_SERVER['REMOTE_ADDR']);
//	if ($c != $userid)
//		error();
 
function cookie_decode($edata, $data, $pad = '') {
 
	$key = COOKIE_SALT;
 
	$edata .= '==';
	$edata = base64_decode($edata);
	if ($edata != md5($data.$pad.$key,TRUE))
		return '';
 
	return $data;
}
 
 
/*
The rest of these are basic cookie functionality simply to reduce what 
would be redundant code if we did not have these.
*/
 
 
function cookie_set($name, $value, $expire = COOKIE_EXP, $root = COOKIE_ROOT) {
 
	if (defined('COOKIE_BASE')) $name = COOKIE_BASE . $name;
	if (!setcookie($name,$value,time()+$expire,$root))
		debug('unable to set cookie');
	$_COOKIE[$name] = $value;
 
// NOTE Not sure what to do if cookie cannot be set -- should be harmless 
// as a UA might not accept them. But one of the bugs we had was output sent 
// before trying to setcookie(), which then fails, when we were debugging the 
// Admin login code! Somewhow that condition should be trapped... 
// This is one problem of "debugging by print statements" debug code. *sigh*
}
 
function cookie_get($name = '') {
 
	if ($name === '') return $_COOKIE;
 
	if (defined('COOKIE_BASE')) $name = COOKIE_BASE . $name;
	if (isset($_COOKIE[$name]))
		return $_COOKIE[$name];
	return '';
}
 
function cookie_unset($name, $time = 3600, $root = COOKIE_ROOT) {
 
	if (defined('COOKIE_BASE')) $name = COOKIE_BASE . $name;
	setcookie($name,'',time()-$time,$root);
	unset($_COOKIE[$name]);
}
 
function cookie_str($base = '') {
 
	if (defined('COOKIE_BASE') && $base == '')
		$base = COOKIE_BASE;
 
	$cookie_str = "";
	$cookies = cookie_get();			// gets all cookies
	foreach ($cookies as $name => $value) {		//  some not be ours
		if ($base && !preg_match("/^$base/",$name)) //  so we check
			continue;
		$cookie_str .= "$name=$value ";
	}
 
	return $cookie_str;
}
 
?>
 
THIS source compiler