xref: /PHP-5.6/ext/standard/head.c (revision 49493a2d)
1 /*
2    +----------------------------------------------------------------------+
3    | PHP Version 5                                                        |
4    +----------------------------------------------------------------------+
5    | Copyright (c) 1997-2016 The PHP Group                                |
6    +----------------------------------------------------------------------+
7    | This source file is subject to version 3.01 of the PHP license,      |
8    | that is bundled with this package in the file LICENSE, and is        |
9    | available through the world-wide-web at the following url:           |
10    | http://www.php.net/license/3_01.txt                                  |
11    | If you did not receive a copy of the PHP license and are unable to   |
12    | obtain it through the world-wide-web, please send a note to          |
13    | license@php.net so we can mail you a copy immediately.               |
14    +----------------------------------------------------------------------+
15    | Author: Rasmus Lerdorf <rasmus@lerdorf.on.ca>                        |
16    +----------------------------------------------------------------------+
17  */
18 /* $Id$ */
19 
20 #include <stdio.h>
21 #include "php.h"
22 #include "ext/standard/php_standard.h"
23 #include "ext/date/php_date.h"
24 #include "SAPI.h"
25 #include "php_main.h"
26 #include "head.h"
27 #ifdef TM_IN_SYS_TIME
28 #include <sys/time.h>
29 #else
30 #include <time.h>
31 #endif
32 
33 #include "php_globals.h"
34 
35 
36 /* Implementation of the language Header() function */
37 /* {{{ proto void header(string header [, bool replace, [int http_response_code]])
38    Sends a raw HTTP header */
PHP_FUNCTION(header)39 PHP_FUNCTION(header)
40 {
41 	zend_bool rep = 1;
42 	sapi_header_line ctr = {0};
43 
44 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|bl", &ctr.line,
45 				&ctr.line_len, &rep, &ctr.response_code) == FAILURE)
46 		return;
47 
48 	sapi_header_op(rep ? SAPI_HEADER_REPLACE:SAPI_HEADER_ADD, &ctr TSRMLS_CC);
49 }
50 /* }}} */
51 
52 /* {{{ proto void header_remove([string name])
53    Removes an HTTP header previously set using header() */
PHP_FUNCTION(header_remove)54 PHP_FUNCTION(header_remove)
55 {
56 	sapi_header_line ctr = {0};
57 
58 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|s", &ctr.line,
59 	                          &ctr.line_len) == FAILURE)
60 		return;
61 
62 	sapi_header_op(ZEND_NUM_ARGS() == 0 ? SAPI_HEADER_DELETE_ALL : SAPI_HEADER_DELETE, &ctr TSRMLS_CC);
63 }
64 /* }}} */
65 
php_header(TSRMLS_D)66 PHPAPI int php_header(TSRMLS_D)
67 {
68 	if (sapi_send_headers(TSRMLS_C)==FAILURE || SG(request_info).headers_only) {
69 		return 0; /* don't allow output */
70 	} else {
71 		return 1; /* allow output */
72 	}
73 }
74 
75 
php_setcookie(char * name,int name_len,char * value,int value_len,time_t expires,char * path,int path_len,char * domain,int domain_len,int secure,int url_encode,int httponly TSRMLS_DC)76 PHPAPI int php_setcookie(char *name, int name_len, char *value, int value_len, time_t expires, char *path, int path_len, char *domain, int domain_len, int secure, int url_encode, int httponly TSRMLS_DC)
77 {
78 	char *cookie, *encoded_value = NULL;
79 	int len=sizeof("Set-Cookie: ");
80 	char *dt;
81 	sapi_header_line ctr = {0};
82 	int result;
83 
84 	if (name && strpbrk(name, "=,; \t\r\n\013\014") != NULL) {   /* man isspace for \013 and \014 */
85 		zend_error( E_WARNING, "Cookie names cannot contain any of the following '=,; \\t\\r\\n\\013\\014'" );
86 		return FAILURE;
87 	}
88 
89 	if (!url_encode && value && strpbrk(value, ",; \t\r\n\013\014") != NULL) { /* man isspace for \013 and \014 */
90 		zend_error( E_WARNING, "Cookie values cannot contain any of the following ',; \\t\\r\\n\\013\\014'" );
91 		return FAILURE;
92 	}
93 
94 	len += name_len;
95 	if (value && url_encode) {
96 		int encoded_value_len;
97 
98 		encoded_value = php_url_encode(value, value_len, &encoded_value_len);
99 		len += encoded_value_len;
100 	} else if ( value ) {
101 		encoded_value = estrdup(value);
102 		len += value_len;
103 	}
104 	if (path) {
105 		len += path_len;
106 	}
107 	if (domain) {
108 		len += domain_len;
109 	}
110 
111 	cookie = emalloc(len + 100);
112 
113 	if (value == NULL || value_len == 0) {
114 		/*
115 		 * MSIE doesn't delete a cookie when you set it to a null value
116 		 * so in order to force cookies to be deleted, even on MSIE, we
117 		 * pick an expiry date in the past
118 		 */
119 		dt = php_format_date("D, d-M-Y H:i:s T", sizeof("D, d-M-Y H:i:s T")-1, 1, 0 TSRMLS_CC);
120 		snprintf(cookie, len + 100, "Set-Cookie: %s=deleted; expires=%s; Max-Age=0", name, dt);
121 		efree(dt);
122 	} else {
123 		snprintf(cookie, len + 100, "Set-Cookie: %s=%s", name, value ? encoded_value : "");
124 		if (expires > 0) {
125 			const char *p;
126 			char tsdelta[13];
127 			strlcat(cookie, "; expires=", len + 100);
128 			dt = php_format_date("D, d-M-Y H:i:s T", sizeof("D, d-M-Y H:i:s T")-1, expires, 0 TSRMLS_CC);
129 			/* check to make sure that the year does not exceed 4 digits in length */
130 			p = zend_memrchr(dt, '-', strlen(dt));
131 			if (!p || *(p + 5) != ' ') {
132 				efree(dt);
133 				efree(cookie);
134 				efree(encoded_value);
135 				zend_error(E_WARNING, "Expiry date cannot have a year greater than 9999");
136 				return FAILURE;
137 			}
138 			strlcat(cookie, dt, len + 100);
139 			efree(dt);
140 
141 			snprintf(tsdelta, sizeof(tsdelta), "%li", (long) difftime(expires, time(NULL)));
142 			strlcat(cookie, "; Max-Age=", len + 100);
143 			strlcat(cookie, tsdelta, len + 100);
144 		}
145 	}
146 
147 	if (encoded_value) {
148 		efree(encoded_value);
149 	}
150 
151 	if (path && path_len > 0) {
152 		strlcat(cookie, "; path=", len + 100);
153 		strlcat(cookie, path, len + 100);
154 	}
155 	if (domain && domain_len > 0) {
156 		strlcat(cookie, "; domain=", len + 100);
157 		strlcat(cookie, domain, len + 100);
158 	}
159 	if (secure) {
160 		strlcat(cookie, "; secure", len + 100);
161 	}
162 	if (httponly) {
163 		strlcat(cookie, "; httponly", len + 100);
164 	}
165 
166 	ctr.line = cookie;
167 	ctr.line_len = strlen(cookie);
168 
169 	result = sapi_header_op(SAPI_HEADER_ADD, &ctr TSRMLS_CC);
170 	efree(cookie);
171 	return result;
172 }
173 
174 
175 /* php_set_cookie(name, value, expires, path, domain, secure) */
176 /* {{{ proto bool setcookie(string name [, string value [, int expires [, string path [, string domain [, bool secure[, bool httponly]]]]]])
177    Send a cookie */
PHP_FUNCTION(setcookie)178 PHP_FUNCTION(setcookie)
179 {
180 	char *name, *value = NULL, *path = NULL, *domain = NULL;
181 	long expires = 0;
182 	zend_bool secure = 0, httponly = 0;
183 	int name_len, value_len = 0, path_len = 0, domain_len = 0;
184 
185 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|slssbb", &name,
186 							  &name_len, &value, &value_len, &expires, &path,
187 							  &path_len, &domain, &domain_len, &secure, &httponly) == FAILURE) {
188 		return;
189 	}
190 
191 	if (php_setcookie(name, name_len, value, value_len, expires, path, path_len, domain, domain_len, secure, 1, httponly TSRMLS_CC) == SUCCESS) {
192 		RETVAL_TRUE;
193 	} else {
194 		RETVAL_FALSE;
195 	}
196 }
197 /* }}} */
198 
199 /* {{{ proto bool setrawcookie(string name [, string value [, int expires [, string path [, string domain [, bool secure[, bool httponly]]]]]])
200    Send a cookie with no url encoding of the value */
PHP_FUNCTION(setrawcookie)201 PHP_FUNCTION(setrawcookie)
202 {
203 	char *name, *value = NULL, *path = NULL, *domain = NULL;
204 	long expires = 0;
205 	zend_bool secure = 0, httponly = 0;
206 	int name_len, value_len = 0, path_len = 0, domain_len = 0;
207 
208 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "s|slssbb", &name,
209 							  &name_len, &value, &value_len, &expires, &path,
210 							  &path_len, &domain, &domain_len, &secure, &httponly) == FAILURE) {
211 		return;
212 	}
213 
214 	if (php_setcookie(name, name_len, value, value_len, expires, path, path_len, domain, domain_len, secure, 0, httponly TSRMLS_CC) == SUCCESS) {
215 		RETVAL_TRUE;
216 	} else {
217 		RETVAL_FALSE;
218 	}
219 }
220 /* }}} */
221 
222 
223 /* {{{ proto bool headers_sent([string &$file [, int &$line]])
224    Returns true if headers have already been sent, false otherwise */
PHP_FUNCTION(headers_sent)225 PHP_FUNCTION(headers_sent)
226 {
227 	zval *arg1 = NULL, *arg2 = NULL;
228 	const char *file="";
229 	int line=0;
230 
231 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|zz", &arg1, &arg2) == FAILURE)
232 		return;
233 
234 	if (SG(headers_sent)) {
235 		line = php_output_get_start_lineno(TSRMLS_C);
236 		file = php_output_get_start_filename(TSRMLS_C);
237 	}
238 
239 	switch(ZEND_NUM_ARGS()) {
240 	case 2:
241 		zval_dtor(arg2);
242 		ZVAL_LONG(arg2, line);
243 	case 1:
244 		zval_dtor(arg1);
245 		if (file) {
246 			ZVAL_STRING(arg1, file, 1);
247 		} else {
248 			ZVAL_STRING(arg1, "", 1);
249 		}
250 		break;
251 	}
252 
253 	if (SG(headers_sent)) {
254 		RETURN_TRUE;
255 	} else {
256 		RETURN_FALSE;
257 	}
258 }
259 /* }}} */
260 
261 /* {{{ php_head_apply_header_list_to_hash
262    Turn an llist of sapi_header_struct headers into a numerically indexed zval hash */
php_head_apply_header_list_to_hash(void * data,void * arg TSRMLS_DC)263 static void php_head_apply_header_list_to_hash(void *data, void *arg TSRMLS_DC)
264 {
265 	sapi_header_struct *sapi_header = (sapi_header_struct *)data;
266 
267 	if (arg && sapi_header) {
268 		add_next_index_string((zval *)arg, (char *)(sapi_header->header), 1);
269 	}
270 }
271 
272 /* {{{ proto array headers_list(void)
273    Return list of headers to be sent / already sent */
PHP_FUNCTION(headers_list)274 PHP_FUNCTION(headers_list)
275 {
276 	if (zend_parse_parameters_none() == FAILURE) {
277 		return;
278 	}
279 
280 	array_init(return_value);
281 	zend_llist_apply_with_argument(&SG(sapi_headers).headers, php_head_apply_header_list_to_hash, return_value TSRMLS_CC);
282 }
283 /* }}} */
284 
285 /* {{{ proto long http_response_code([int response_code])
286    Sets a response code, or returns the current HTTP response code */
PHP_FUNCTION(http_response_code)287 PHP_FUNCTION(http_response_code)
288 {
289 	long response_code = 0;
290 
291 	if (zend_parse_parameters(ZEND_NUM_ARGS() TSRMLS_CC, "|l", &response_code) == FAILURE) {
292 		return;
293 	}
294 
295 	if (response_code)
296 	{
297 		long old_response_code;
298 
299 		old_response_code = SG(sapi_headers).http_response_code;
300 		SG(sapi_headers).http_response_code = response_code;
301 
302 		if (old_response_code) {
303 			RETURN_LONG(old_response_code);
304 		}
305 
306 		RETURN_TRUE;
307 	}
308 
309 	if (!SG(sapi_headers).http_response_code) {
310 		RETURN_FALSE;
311 	}
312 
313 	RETURN_LONG(SG(sapi_headers).http_response_code);
314 }
315 /* }}} */
316 
317 /*
318  * Local variables:
319  * tab-width: 4
320  * c-basic-offset: 4
321  * vim600: sw=4 ts=4 fdm=marker
322  * vim<600: sw=4 ts=4 * End:
323  */
324