Replaced setcookie() with SEC_setCookie() (improvement #1065)

public_html/lib-common.php

@@ -380,10 +380,7 @@
     // Update Cookie as well if needed for anonymous and users
     if (!isset($_COOKIE[$_CONF['cookie_theme']]) || (isset($_COOKIE[$_CONF['cookie_theme']]) && $_COOKIE[$_CONF['cookie_theme']] != $_CONF['theme'])) {
         if (!headers_sent()) {
-            @setcookie(
-                $_CONF['cookie_theme'], $_CONF['theme'], time() + 31536000, $_CONF['cookie_path'],
-                $_CONF['cookiedomain'], $_CONF['cookiesecure']
-            );
+            SEC_setCookie($_CONF['cookie_theme'], $_CONF['theme'], time() + 31536000);
         }
     }
 

public_html/polls/index.php

@@ -155,10 +155,7 @@ function polllist()
     }
     $aids = substr($aids, 0, -1);
 
-    setcookie(
-        'poll-' . $pid, $aids, time() + $_PO_CONF['pollcookietime'], $_CONF['cookie_path'],
-        $_CONF['cookiedomain'], $_CONF['cookiesecure']
-    );
+    SEC_setCookie('poll-' . $pid, $aids, time() + $_PO_CONF['pollcookietime']);
     $display .= POLLS_pollsave($pid, $aid);
     $display = COM_createHTMLDocument($display);
 } elseif (!empty($pid)) {

public_html/switchlang.php

@@ -104,10 +104,7 @@ function switch_language($url, $newLang, $oldLang, $itemId, $itemType)
             // Set the language cookie.
             // Mainly used for anonymous users so the rest of their session
             // will remain in the selected language
-            setcookie(
-                $_CONF['cookie_language'], $langFile, time() + 31536000, 
-                $_CONF['cookie_path'], $_CONF['cookiedomain'], $_CONF['cookiesecure']
-            );
+            SEC_setCookie($_CONF['cookie_language'], $langFile, time() + 31536000);
 
             // if user is not anonymous, store the preference in the database
             if (!COM_isAnonUser()) {

public_html/users.php

@@ -659,10 +659,7 @@ function USER_doLogin()
     // Now that we have user's data see if their theme cookie is set.
     // If not set it
     if (!empty($_USER['theme'])) {
-        setcookie(
-            $_CONF['cookie_theme'], $_USER['theme'], time() + 31536000, $_CONF['cookie_path'],
-            $_CONF['cookiedomain'], $_CONF['cookiesecure']
-        );
+        SEC_setCookie($_CONF['cookie_theme'], $_USER['theme'], time() + 31536000);
     }
 
     if (!empty($_SERVER['HTTP_REFERER'])

public_html/usersettings.php

@@ -1448,15 +1448,9 @@ function savepreferences($A)
         . "WHERE uid = '{$_USER['uid']}'"
     );
 
-    setcookie($_CONF['cookie_theme'], $A['theme'], time() + 31536000,
-        $_CONF['cookie_path'], $_CONF['cookiedomain'],
-        $_CONF['cookiesecure']);
-    setcookie($_CONF['cookie_language'], $A['language'], time() + 31536000,
-        $_CONF['cookie_path'], $_CONF['cookiedomain'],
-        $_CONF['cookiesecure']);
-    setcookie($_CONF['cookie_tzid'], $A['tzid'], time() + 31536000,
-        $_CONF['cookie_path'], $_CONF['cookiedomain'],
-        $_CONF['cookiesecure']);
+    SEC_setCookie($_CONF['cookie_theme'], $A['theme'], time() + 31536000);
+    SEC_setCookie($_CONF['cookie_language'], $A['language'], time() + 31536000);
+    SEC_setCookie($_CONF['cookie_tzid'], $A['tzid'], time() + 31536000);
 
     // When the user has disabled Two Factor Authentication, invalidate secret code and all the backup codes he/she might have
     if (!$A['enable_twofactorauth']) {

system/lib-comment.php

@@ -1479,9 +1479,7 @@ function CMT_saveComment($title, $comment, $sid, $pid, $type, $postmode)
         if (strcmp($_POST[CMT_USERNAME], $anon) != 0) {
             $username = COM_checkWords(GLText::stripTags(Geeklog\Input::post(CMT_USERNAME)), 'comment');
             $username = GLText::remove4byteUtf8Chars($username);
-            setcookie($_CONF['cookie_anon_name'], $username, time() + 31536000,
-                $_CONF['cookie_path'], $_CONF['cookiedomain'],
-                $_CONF['cookiesecure']);
+            SEC_setCookie($_CONF['cookie_anon_name'], $username, time() + 31536000);
             $name = DB_escapeString($username);
         }
     }

system/lib-security.php

@@ -1783,9 +1783,7 @@ function SEC_setCookie($name, $value, $expire = 0, $path = null, $domain = null,
         $secure = $_CONF['cookiesecure'];
     }
 
-    $retval = setcookie($name, $value, $expire, $path, $domain, $secure, true);
-
-    return $retval;
+    return setcookie($name, $value, $expire, $path, $domain, $secure, true);
 }
 
 /**