Implement zm_setcookie to simplify setting cookies, set samesite, deal with older php etc. Use it.

2022-01-20 09:46:38 -05:00 · 2022-01-20 09:46:38 -05:00 · 2d07fda6fc
parent 789b729fd6
commit 2d07fda6fc
3 changed files with 20 additions and 16 deletions
--- a/web/includes/Group.php
+++ b/web/includes/Group.php
@ -25,7 +25,7 @@ class Group extends ZM_Object {
      if ( isset($_COOKIE['zmGroup']) ) {
        if ( $this->{'Id'} == $_COOKIE['zmGroup'] ) {
          unset($_COOKIE['zmGroup']);
-          setcookie('zmGroup', '', time()-3600*24*2);
+          zm_setcookie('zmGroup', '');
        }
      }
    }
--- a/web/includes/session.php
+++ b/web/includes/session.php
@ -1,4 +1,21 @@
 <?php
+
+// Wrapper around setcookie that auto-sets samesite, and deals with older versions of php
+function zm_setcookie($cookie, $value, $options=array()) {
+  if (!isset($options['expires'])) {
+    $options['expires'] = time()+3600*24*30*12*10; // 10 years?!
+  }
+  if (!isset($options['samesite'])) {
+    $options['samesite'] = 'Strict';
+  }
+
+  if (version_compare(phpversion(), '7.3.0', '>=')) {
+    setcookie($cookie, $value, $options);
+  } else {
+    setcookie($cookie, $value, $options['expires'], '/; samesite=strict');
+  }
+}
+
 // ZM session start function support timestamp management
 function zm_session_start() {

--- a/web/index.php
+++ b/web/index.php
@ -139,11 +139,6 @@ $skinBase[] = $skin;

 zm_session_start();

-$cookie_options = array(
-  'expires'=>time()+3600*24*30*12*10,
-  'samesite' => 'Strict',
-);
-
 if (
  !isset($_SESSION['skin']) ||
  isset($_REQUEST['skin']) ||
@ -151,11 +146,7 @@ if (
  ($_COOKIE['zmSkin'] != $skin)
 ) {
  $_SESSION['skin'] = $skin;
-	if (version_compare(phpversion(), '7.3.0', '>=')) {
-	setcookie('zmSkin', $skin, $cookie_options);
-	} else {
-	setcookie('zmSkin', $skin, $cookie_options['expires'], '/; samesite=strict');
-	}
+	zm_setcookie('zmSkin', $skin);
 }

 if (
@ -165,11 +156,7 @@ if (
  ($_COOKIE['zmCSS'] != $css)
 ) {
  $_SESSION['css'] = $css;
-	if (version_compare(phpversion(), '7.3.0', '>=')) {
-    setcookie('zmCSS', $css, $cookie_options);
-	} else {
-	  setcookie('zmCSS', $css, $cookie_options['expires'], '/; samesite=strict');
-	}
+  zm_setcookie('zmCSS', $css);
 }

 # Running is global but only do the daemonCheck if it is actually needed