Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fix cookie expiry time calculation on 32bit systems.

strtotime() misbehaves on 32bit systems when the resulting timestamp
would overflow an integer. Use a DateTime to workaround this issue.

Fixes #3868
  • Loading branch information...
commit 3aa189eb3a49abfb31cd1b25b32505d249e95044 1 parent 027cfe9
Mark Story markstory authored
8 lib/Cake/Controller/Component/CookieComponent.php
View
@@ -387,20 +387,20 @@ public function type($type = 'cipher') {
* @return integer Unix timestamp
*/
protected function _expire($expires = null) {
- $now = time();
if (is_null($expires)) {
return $this->_expires;
}
$this->_reset = $this->_expires;
-
if (!$expires) {
return $this->_expires = 0;
}
+ $now = new DateTime();
if (is_int($expires) || is_numeric($expires)) {
- return $this->_expires = $now + intval($expires);
+ return $this->_expires = $now->format('U') + intval($expires);
}
- return $this->_expires = strtotime($expires, $now);
+ $now->modify($expires);
+ return $this->_expires = $now->format('U');
}
/**
25 lib/Cake/Test/Case/Controller/Component/CookieComponentTest.php
View
@@ -202,6 +202,31 @@ public function testWriteSimple() {
}
/**
+ * test write with distant future cookies
+ *
+ * @return void
+ */
+ public function testWriteFarFuture() {
+ $this->Cookie->write('Testing', 'value', false, '+90 years');
+ $future = new DateTime('now');
+ $future->modify('+90 years');
+
+ $expected = array(
+ 'name' => $this->Cookie->name . '[Testing]',
+ 'value' => 'value',
+ 'path' => '/',
+ 'domain' => '',
+ 'secure' => false,
+ 'httpOnly' => false);
+ $result = $this->Controller->response->cookie($this->Cookie->name . '[Testing]');
+
+ $this->assertEquals($future->format('U'), $result['expire'], '', 3);
+ unset($result['expire']);
+
+ $this->assertEquals($expected, $result);
+ }
+
+/**
* test write with httpOnly cookies
*
* @return void
Please sign in to comment.
Something went wrong with that request. Please try again.