Refactor cookie creation

Jamie Snape · Jamie Snape · commit 7275b57b1a7b · 2015-10-21T13:52:05.000-04:00
diff --git a/core/Bootstrap.php b/core/Bootstrap.php
@@ -28,6 +28,8 @@ class Bootstrap extends Zend_Application_Bootstrap_Bootstrap
     protected function _initDoctype()
     {
         $this->bootstrap('view');
+
+        /** @var Zend_View $view */
         $view = $this->getResource('view');
         $view->doctype('XHTML1_STRICT');
     }
@@ -111,6 +113,8 @@ protected function _initDatabase()
     protected function _initErrorHandle()
     {
         $this->bootstrap(array('Config', 'Logger'));
+
+        /** @var Zend_Log $logger */
         $logger = $this->getResource('Logger');
 
         Zend_Registry::set('components', array());
@@ -128,7 +132,9 @@ protected function _initErrorHandle()
      */
     protected function _initInternationalization()
     {
-        $this->bootstrap(array('Config', 'Database'));
+        $this->bootstrap(array('Config', 'Database', 'FrontController'));
+
+        /** @var false|Zend_Db_Adapter_Abstract $database */
         $database = $this->getResource('Database');
 
         if ((int) Zend_Registry::get('configGlobal')->get('internationalization', 0) === 1) {
@@ -144,18 +150,17 @@ protected function _initInternationalization()
                     $language = 'en';
                 }
 
+                /** @var Zend_Controller_Front $frontController */
+                $frontController = $this->getResource('FrontController');
+
+                /** @var Zend_Controller_Request_Http $request */
+                $request = $frontController->getRequest();
+
                 $date = new DateTime();
                 $interval = new DateInterval('P1M');
-                setcookie(
-                    MIDAS_LANGUAGE_COOKIE_NAME,
-                    $language,
-                    $date->add($interval)->getTimestamp(),
-                    '/',
-                    !empty($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $_SERVER['SERVER_NAME'],
-                    (int) Zend_Registry::get('configGlobal')->get('cookie_secure',
-                        1) === 1,
-                    true
-                );
+                $expires = $date->add($interval);
+
+                UtilityComponent::setCookie($request, MIDAS_LANGUAGE_COOKIE_NAME, $language, $expires);
             }
 
             if ($database !== false) {
@@ -249,6 +254,8 @@ protected function _initZFDebug()
             );
 
             $debug = new ZFDebug_Controller_Plugin_Debug($options);
+
+            /** @var Zend_Controller_Front $frontController */
             $frontController = $this->getResource('FrontController');
             $frontController->registerPlugin($debug);
         }
@@ -258,6 +265,8 @@ protected function _initZFDebug()
     protected function _initFrontModules()
     {
         $this->bootstrap('FrontController');
+
+        /** @var Zend_Controller_Front $frontController */
         $frontController = $this->getResource('FrontController');
         $frontController->addModuleDirectory(BASE_PATH.'/modules');
 
@@ -275,6 +284,8 @@ protected function _initSass()
     {
         $this->bootstrap(array('Config', 'Logger'));
         $config = Zend_Registry::get('configGlobal');
+
+        /** @var Zend_Log $logger */
         $logger = $this->getResource('Logger');
         if ($config->environment == 'development') {
             $directory = new RecursiveDirectoryIterator(BASE_PATH);
@@ -334,6 +345,7 @@ protected function _initRouter()
     {
         $this->bootstrap(array('Config', 'Database', 'FrontController'));
 
+        /** @var Zend_Controller_Front $frontController */
         $frontController = $this->getResource('FrontController');
         $frontController->addControllerDirectory(BASE_PATH.'/core/controllers');
 
@@ -428,6 +440,8 @@ protected function _initRouter()
     protected function _initREST()
     {
         $this->bootstrap('FrontController');
+
+        /** @var Zend_Controller_Front $frontController */
         $frontController = $this->getResource('FrontController');
 
         // register the RestHandler plugin
diff --git a/core/controllers/CommunityController.php b/core/controllers/CommunityController.php
@@ -660,7 +660,7 @@ public function createAction()
     {
         $this->requireAdminPrivileges();
         $form = $this->Form->Community->createCreateForm();
-        if ($this->_request->isPost() && $form->isValid($this->getRequest()->getPost())
+        if ($this->getRequest()->isPost() && $form->isValid($this->getRequest()->getPost())
         ) {
             $name = $form->getValue('name');
             $description = $form->getValue('description');
diff --git a/core/controllers/FeedController.php b/core/controllers/FeedController.php
@@ -53,17 +53,12 @@ public function indexAction()
             if (isset($cookieData) && is_numeric($cookieData)) {
                 $this->view->lastFeedVisit = $cookieData;
             }
+
             $date = new DateTime();
             $interval = new DateInterval('P1M');
-            setcookie(
-                $cookieName,
-                $date->getTimestamp(),
-                $date->add($interval)->getTimestamp(),
-                '/',
-                $request->getHttpHost(),
-                (int) Zend_Registry::get('configGlobal')->get('cookie_secure', 1) === 1,
-                true
-            );
+            $expires = $date->add($interval);
+
+            UtilityComponent::setCookie($request, $cookieName, $date->getTimestamp(), $expires);
         }
 
         $this->addDynamicHelp(
diff --git a/core/controllers/ItemController.php b/core/controllers/ItemController.php
@@ -188,17 +188,12 @@ public function viewAction()
             }
             $recentItems = array_reverse($tmp);
             $recentItems[] = $itemDao->getKey();
+
             $date = new DateTime();
             $interval = new DateInterval('P1M');
-            setcookie(
-                $cookieName,
-                serialize($recentItems),
-                $date->add($interval)->getTimestamp(),
-                '/',
-                $request->getHttpHost(),
-                (int) Zend_Registry::get('configGlobal')->get('cookie_secure', 1) === 1,
-                true
-            );
+            $expires = $date->add($interval);
+
+            UtilityComponent::setCookie($request, $cookieName, serialize($recentItems), $expires);
         }
 
         $this->Item->incrementViewCount($itemDao);
diff --git a/core/controllers/UserController.php b/core/controllers/UserController.php
@@ -158,18 +158,16 @@ public function logoutAction()
         $notifier->callback('CALLBACK_CORE_USER_LOGOUT');
         $this->userSession->Dao = null;
         Zend_Session::ForgetMe();
+
+        /** @var Zend_Controller_Request_Http $request */
         $request = $this->getRequest();
+
         $date = new DateTime();
         $interval = new DateInterval('P1M');
-        setcookie(
-            MIDAS_USER_COOKIE_NAME,
-            null,
-            $date->sub($interval)->getTimestamp(),
-            '/',
-            $request->getHttpHost(),
-            (int) Zend_Registry::get('configGlobal')->get('cookie_secure', 1) === 1,
-            true
-        );
+        $expires = $date->sub($interval);
+
+        UtilityComponent::setCookie($request, MIDAS_USER_COOKIE_NAME, false, $expires);
+
         $noRedirect = $this->getParam('noRedirect');
         if (isset($noRedirect)) {
             $this->disableView();
@@ -499,18 +497,17 @@ public function ajaxloginAction()
             if ($userDao->getSalt() == '') {
                 $passwordHash = $this->User->convertLegacyPasswordHash($userDao, $form->getValue('password'));
             }
+
+            /** @var Zend_Controller_Request_Http $request */
             $request = $this->getRequest();
             $date = new DateTime();
             $interval = new DateInterval('P1M');
-            setcookie(
-                MIDAS_USER_COOKIE_NAME,
-                $userDao->getKey().'-'.$passwordHash,
-                $date->add($interval)->getTimestamp(),
-                '/',
-                $request->getHttpHost(),
-                (int) Zend_Registry::get('configGlobal')->get('cookie_secure', 1) === 1,
-                true
-            );
+            $expires = $date->add($interval);
+
+            $value = $userDao->getKey().'-'.$passwordHash;
+
+            UtilityComponent::setCookie($request, MIDAS_USER_COOKIE_NAME, $value, $expires);
+
             Zend_Session::start();
             $user = new Zend_Session_Namespace('Auth_User');
             $user->setExpirationSeconds(60 * (int) Zend_Registry::get('configGlobal')->get('session_lifetime', 20));
@@ -526,17 +523,20 @@ public function ajaxloginAction()
     /** Login action */
     public function loginAction()
     {
+        /** @var Zend_Controller_Request_Http $request */
         $request = $this->getRequest();
         $this->Form->User->uri = $request->getRequestUri();
+
+        /** @var Zend_Form $form */
         $form = $this->Form->User->createLoginForm();
         $this->view->form = $this->getFormAsArray($form);
         $this->disableLayout();
         if ($this->_request->isPost()) {
             $this->disableView();
             $previousUri = $this->getParam('previousuri');
             if ($form->isValid($request->getPost())) {
+                $notifications = array();
                 try {
-                    $notifications = array(); // initialize first in case of exception
                     $notifications = Zend_Registry::get('notifier')->callback(
                         'CALLBACK_CORE_AUTHENTICATION',
                         array('email' => $form->getValue('email'), 'password' => $form->getValue('password'))
@@ -545,6 +545,7 @@ public function loginAction()
                     $this->getLogger()->crit($exc->getMessage());
                 }
                 $authModule = false;
+                $userDao = false;
                 foreach ($notifications as $user) {
                     if ($user) {
                         $userDao = $user;
@@ -585,6 +586,9 @@ public function loginAction()
                 } elseif (!$authModule) {
                     $passwordHash = md5($instanceSalt.$form->getValue('password'));
                     $coreAuth = $this->User->legacyAuthenticate($userDao, $instanceSalt, $form->getValue('password'));
+                } else {
+                    $passwordHash = false;
+                    $coreAuth = false;
                 }
 
                 if ($authModule || $coreAuth) {
@@ -603,30 +607,19 @@ public function loginAction()
                     ) {
                         $passwordHash = $this->User->convertLegacyPasswordHash($userDao, $form->getValue('password'));
                     }
-                    $remember = $form->getValue('remerberMe');
+
+                    $remember = (int) $form->getValue('remerberMe');
                     if (!$this->isTestingEnv()) {
                         $date = new DateTime();
                         $interval = new DateInterval('P1M');
-                        if (!$authModule && isset($remember) && $remember == 1) {
-                            setcookie(
-                                MIDAS_USER_COOKIE_NAME,
-                                $userDao->getKey().'-'.$passwordHash,
-                                $date->add($interval)->getTimestamp(),
-                                '/',
-                                $request->getHttpHost(),
-                                (int) Zend_Registry::get('configGlobal')->get('cookie_secure', 1) === 1,
-                                true
-                            );
+
+                        if (!$authModule && $remember === 1) {
+                            $expires = $date->add($interval);
+                            $value = $userDao->getKey().'-'.$passwordHash;
+                            UtilityComponent::setCookie($request, MIDAS_USER_COOKIE_NAME, $value, $expires);
                         } else {
-                            setcookie(
-                                MIDAS_USER_COOKIE_NAME,
-                                null,
-                                $date->sub($interval)->getTimestamp(),
-                                '/',
-                                $request->getHttpHost(),
-                                (int) Zend_Registry::get('configGlobal')->get('cookie_secure', 1) === 1,
-                                true
-                            );
+                            $expires = $date->sub($interval);
+                            UtilityComponent::setCookie($request, MIDAS_USER_COOKIE_NAME, false, $expires);
                             Zend_Session::start();
                             $user = new Zend_Session_Namespace('Auth_User');
                             $user->setExpirationSeconds(60 * (int) Zend_Registry::get('configGlobal')->get('session_lifetime', 20));
@@ -1330,18 +1323,15 @@ public function deleteAction()
                 session_start();
                 $this->userSession->Dao = null;
                 Zend_Session::ForgetMe();
+
+                /** @var Zend_Controller_Request_Http $request */
                 $request = $this->getRequest();
+
                 $date = new DateTime();
                 $interval = new DateInterval('P1M');
-                setcookie(
-                    MIDAS_USER_COOKIE_NAME,
-                    null,
-                    $date->sub($interval)->getTimestamp(),
-                    '/',
-                    $request->getHttpHost(),
-                    (int) Zend_Registry::get('configGlobal')->get('cookie_secure', 1) === 1,
-                    true
-                );
+                $expires = $date->sub($interval);
+
+                UtilityComponent::setCookie($request, MIDAS_USER_COOKIE_NAME, false, $expires);
             }
         }
         $this->_helper->viewRenderer->setNoRender();
diff --git a/core/controllers/components/UtilityComponent.php b/core/controllers/components/UtilityComponent.php
@@ -100,6 +100,7 @@ public function getAllModules()
      */
     public static function extractPathParams()
     {
+        /** @var Zend_Controller_Request_Http $request */
         $request = Zend_Controller_Front::getInstance()->getRequest();
         $allTokens = preg_split('@/@', $request->getPathInfo(), null, PREG_SPLIT_NO_EMPTY);
 
@@ -939,4 +940,18 @@ public static function realpath($path)
 
         return $realpath;
     }
+
+    /**
+     * Send a cookie with the rest of the HTTP headers.
+     *
+     * @param Zend_Controller_Request_Http $request HTTP request
+     * @param string $name name of the cookie
+     * @param false|string $value value of the cookie
+     * @param DateTime $expires time the cookie expires
+     */
+    public static function setCookie($request, $name, $value, $expires)
+    {
+        $secure = (int) Zend_Registry::get('configGlobal')->get('cookie_secure', 1) === 1;
+        setcookie($name, $value, $expires->getTimestamp(), '/', $request->getHttpHost(), $secure, true);
+    }
 }
diff --git a/modules/googleauth/Notification.php b/modules/googleauth/Notification.php
@@ -31,6 +31,9 @@ class Googleauth_Notification extends MIDAS_Notification
     /** @var array */
     public $_models = array('Setting', 'User', 'Userapi');
 
+    /** @var array */
+    public $_moduleComponents = array('Cookie');
+
     /** @var array */
     public $_moduleModels = array('User');
 
@@ -133,15 +136,9 @@ public function checkUserCookie($args)
 
                     $date = new DateTime();
                     $interval = new DateInterval('P1M');
-                    setcookie(
-                        GOOGLE_AUTH_ACCESS_TOKEN_COOKIE_NAME,
-                        $client->getAccessToken(),
-                        $date->add($interval)->getTimestamp(),
-                        '/',
-                        $request->getHttpHost(),
-                        (int) Zend_Registry::get('configGlobal')->get('cookie_secure', 1) === 1,
-                        true
-                    );
+                    $expires = $date->add($interval);
+
+                    $this->ModuleComponent->Cookie->setAccessTokenCookie($request, $client, $expires);
                 }
             }
 
@@ -160,16 +157,11 @@ public function handleUserLogout($args)
     {
         /** @var Zend_Controller_Request_Http $request */
         $request = Zend_Controller_Front::getInstance()->getRequest();
+
         $date = new DateTime();
         $interval = new DateInterval('P1M');
-        setcookie(
-            GOOGLE_AUTH_ACCESS_TOKEN_COOKIE_NAME,
-            null,
-            $date->sub($interval)->getTimestamp(),
-            '/',
-            $request->getHttpHost(),
-            (int) Zend_Registry::get('configGlobal')->get('cookie_secure', 1) === 1,
-            true
-        );
+        $expires = $date->sub($interval);
+
+        $this->ModuleComponent->Cookie->setAccessTokenCookie($request, false, $expires);
     }
 }
diff --git a/modules/googleauth/controllers/CallbackController.php b/modules/googleauth/controllers/CallbackController.php
diff --git a/modules/googleauth/controllers/components/CookieComponent.php b/modules/googleauth/controllers/components/CookieComponent.php

Original file line number	Diff line number	Diff line change
`@@ -660,7 +660,7 @@ public function createAction()`
`660`	`660`	`{`
`661`	`661`	`$this->requireAdminPrivileges();`
`662`	`662`	`$form = $this->Form->Community->createCreateForm();`
`663`		`- if ($this->_request->isPost() && $form->isValid($this->getRequest()->getPost())`
	`663`	`+ if ($this->getRequest()->isPost() && $form->isValid($this->getRequest()->getPost())`
`664`	`664`	`) {`
`665`	`665`	`$name = $form->getValue('name');`
`666`	`666`	`$description = $form->getValue('description');`