Class
CookieComponent
Cookie Component.
Provides enhanced cookie handling features for use in the controller layer. In addition to the basic features offered be Cake\Http\Response, this class lets you:
- Create and read encrypted cookies.
- Store non-scalar data.
- Use hash compatible syntax to read/write/delete values.
Deprecated: 3.5.0 Use Cake\Http\Middleware\EncryptedCookieMiddleware and Cake\Http\Cookie\Cookie methods instead.
Link: https://book.cakephp.org/3.0/en/controllers/components/cookie.html
Property Summary
-
$_componentMap protected
array
A component lookup table used to lazy load component objects.
-
$_config protected
array
Runtime config
-
$_configInitialized protected
bool
Whether the config property has already been configured with defaults
-
$_defaultConfig protected
array
Default config
-
$_keyConfig protected
array
Config specific to a given top level key name.
-
$_loaded protected
array
A map of keys that have been loaded.
-
$_registry protected
Cake\Controller\ComponentRegistry
Component registry class used to lazy load components.
-
$_response protected deprecated
Cake\Http\Response|null
A reference to the Controller's Cake\Http\Response object. Currently unused.
-
$_validCiphers protected
array
Valid cipher names for encrypted cookies.
-
$_values protected
array
Values stored in the cookie.
-
$components public
array
Other Components this component uses.
-
$request public deprecated
Cake\Http\ServerRequest
Request object
-
$response public deprecated
Cake\Http\Response
Response object
Method Summary
-
__construct() public
Constructor
-
__debugInfo() public
Returns an array that can be used to describe the internal state of this object.
-
__get() public
Magic method for lazy loading $components.
-
_checkCipher() protected
Helper method for validating encryption cipher names.
-
_configDelete() protected
Deletes a single config key.
-
_configRead() protected
Reads a config key.
-
_configWrite() protected
Writes a config key.
-
_decode() protected
Decodes and decrypts a single value.
-
_decrypt() protected
Decrypts $value using public $type method in Security class
-
_delete() protected
Sets a cookie expire time to remove cookie value.
-
_encrypt() protected
Encrypts $value using public $type method in Security class
-
_explode() protected
Explode method to return array from string set in CookieComponent::_implode() Maintains reading backwards compatibility with 1.x CookieComponent::_implode().
-
_getCookieEncryptionKey() protected
Returns the encryption key to be used.
-
_implode() protected
Implode method to keep keys are multidimensional arrays
-
_load() protected
Load the cookie data from the request and response objects.
-
_write() protected
Set cookie
-
check() public
Returns true if given key is set in the cookie.
-
config() public deprecated
Gets/Sets the config.
-
configKey() public
Set the configuration for a specific top level key.
-
configShallow() public
Merge provided config with existing config. Unlike
config()
which does a recursive merge for nested keys, this method does a simple merge. -
delete() public
Delete a cookie value
-
getConfig() public
Returns the config.
-
getController() public
Get the controller this component is bound to.
-
implementedEvents() public
Events supported by this component.
-
initialize() public
Initialize config data and properties.
-
log() public
Convenience method to write a message to Log. See Log::write() for more information on writing to logs.
-
read() public
Read the value of key path from request cookies.
-
setConfig() public
Sets the config.
-
write() public
Write a value to the response cookies.
Method Detail
__construct() ¶ public
__construct(Cake\Controller\ComponentRegistry $registry, array $config = [])
Constructor
Parameters
-
Cake\Controller\ComponentRegistry
$registry A ComponentRegistry this component can use to lazy load its components
-
array
$config optional Array of configuration settings.
__debugInfo() ¶ public
__debugInfo(): array
Returns an array that can be used to describe the internal state of this object.
Returns
array
__get() ¶ public
__get(string $name): mixed
Magic method for lazy loading $components.
Parameters
-
string
$name Name of component to get.
Returns
mixed
_checkCipher() ¶ protected
_checkCipher(string $encrypt): void
Helper method for validating encryption cipher names.
Parameters
-
string
$encrypt The cipher name.
Returns
void
Throws
RuntimeException
When an invalid cipher is provided.
_configDelete() ¶ protected
_configDelete(string $key): void
Deletes a single config key.
Parameters
-
string
$key Key to delete.
Returns
void
Throws
Cake\Core\Exception\Exception
if attempting to clobber existing config
_configRead() ¶ protected
_configRead(string|null $key): mixed
Reads a config key.
Parameters
-
string|null
$key Key to read.
Returns
mixed
_configWrite() ¶ protected
_configWrite(string|array $key, mixed $value, bool|string $merge = false): void
Writes a config key.
Parameters
-
string|array
$key Key to write to.
-
mixed
$value Value to write.
-
bool|string
$merge optional True to merge recursively, 'shallow' for simple merge, false to overwrite, defaults to false.
Returns
void
Throws
Cake\Core\Exception\Exception
if attempting to clobber existing config
_decode() ¶ protected
_decode(string $value, string|false $encrypt, string|null $key): string|array
Decodes and decrypts a single value.
Parameters
-
string
$value The value to decode & decrypt.
-
string|false
$encrypt The encryption cipher to use.
-
string|null
$key Used as the security salt if specified.
Returns
string|array
_decrypt() ¶ protected
_decrypt(array $values, string|bool $mode, string|null $key = null): string|array
Decrypts $value using public $type method in Security class
Parameters
-
array
$values Values to decrypt
-
string|bool
$mode Encryption mode
-
string|null
$key optional Used as the security salt if specified.
Returns
string|array
_delete() ¶ protected
_delete(string $name): void
Sets a cookie expire time to remove cookie value.
This is only done once all values in a cookie key have been removed with delete.
Parameters
-
string
$name Name of cookie
Returns
void
_encrypt() ¶ protected
_encrypt(string $value, string|bool $encrypt, string|null $key = null): string
Encrypts $value using public $type method in Security class
Parameters
-
string
$value Value to encrypt
-
string|bool
$encrypt Encryption mode to use. False disabled encryption.
-
string|null
$key optional Used as the security salt if specified.
Returns
string
_explode() ¶ protected
_explode(string $string): string|array
Explode method to return array from string set in CookieComponent::_implode() Maintains reading backwards compatibility with 1.x CookieComponent::_implode().
Parameters
-
string
$string A string containing JSON encoded data, or a bare string.
Returns
string|array
_getCookieEncryptionKey() ¶ protected
_getCookieEncryptionKey(): string
Returns the encryption key to be used.
Returns
string
_implode() ¶ protected
_implode(array $array): string
Implode method to keep keys are multidimensional arrays
Parameters
-
array
$array Map of key and values
Returns
string
_load() ¶ protected
_load(string|array $key): void
Load the cookie data from the request and response objects.
Based on the configuration data, cookies will be decrypted. When cookies contain array data, that data will be expanded.
Parameters
-
string|array
$key The key to load.
Returns
void
_write() ¶ protected
_write(string $name, string $value): void
Set cookie
Parameters
-
string
$name Name for cookie
-
string
$value Value for cookie
Returns
void
check() ¶ public
check(string|null $key = null): bool
Returns true if given key is set in the cookie.
Parameters
-
string|null
$key optional Key to check for
Returns
bool
config() ¶ public
config(string|array|null $key = null, mixed|null $value = null, bool $merge = true): mixed
Gets/Sets the config.
Usage
Reading the whole config:
$this->config();
Reading a specific value:
$this->config('key');
Reading a nested value:
$this->config('some.nested.key');
Setting a specific value:
$this->config('key', $value);
Setting a nested value:
$this->config('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->config(['one' => 'value', 'another' => 'value']);
Parameters
-
string|array|null
$key optional The key to get/set, or a complete array of configs.
-
mixed|null
$value optional The value to set.
-
bool
$merge optional Whether to recursively merge or overwrite existing config, defaults to true.
Returns
mixed
Throws
Cake\Core\Exception\Exception
When trying to set a key that is invalid.
configKey() ¶ public
configKey(string $keyname, null|string|array $option = null, string|null $value = null): array|null
Set the configuration for a specific top level key.
Examples:
Set a single config option for a key:
$this->Cookie->configKey('User', 'expires', '+3 months');
Set multiple options:
$this->Cookie->configKey('User', [
'expires', '+3 months',
'httpOnly' => true,
]);
Parameters
-
string
$keyname The top level keyname to configure.
-
null|string|array
$option optional Either the option name to set, or an array of options to set, or null to read config options for a given key.
-
string|null
$value optional Either the value to set, or empty when $option is an array.
Returns
array|null
configShallow() ¶ public
configShallow(string|array $key, mixed|null $value = null): $this
Merge provided config with existing config. Unlike config()
which does
a recursive merge for nested keys, this method does a simple merge.
Setting a specific value:
$this->configShallow('key', $value);
Setting a nested value:
$this->configShallow('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->configShallow(['one' => 'value', 'another' => 'value']);
Parameters
-
string|array
$key The key to set, or a complete array of configs.
-
mixed|null
$value optional The value to set.
Returns
$this
delete() ¶ public
delete(string $key): void
Delete a cookie value
You must use this method before any output is sent to the browser. Failure to do so will result in header already sent errors.
Deleting a top level key will delete all keys nested within that key.
For example deleting the User
key, will also delete User.email
.
Parameters
-
string
$key Key of the value to be deleted
Returns
void
getConfig() ¶ public
getConfig(string|null $key = null, mixed $default = null): mixed
Returns the config.
Usage
Reading the whole config:
$this->getConfig();
Reading a specific value:
$this->getConfig('key');
Reading a nested value:
$this->getConfig('some.nested.key');
Reading with default value:
$this->getConfig('some-key', 'default-value');
Parameters
-
string|null
$key optional The key to get or null for the whole config.
-
mixed
$default optional The return value when the key does not exist.
Returns
mixed
getController() ¶ public
getController(): Cake\Controller\Controller
Get the controller this component is bound to.
Returns
Cake\Controller\Controller
implementedEvents() ¶ public
implementedEvents(): array
Events supported by this component.
Uses Conventions to map controller events to standard component callback method names. By defining one of the callback methods a component is assumed to be interested in the related event.
Override this method if you need to add non-conventional event listeners. Or if you want components to listen to non-standard events.
Returns
array
initialize() ¶ public
initialize(array $config): void
Initialize config data and properties.
Implement this method to avoid having to overwrite the constructor and call parent.
Parameters
-
array
$config The config data.
Returns
void
log() ¶ public
log(mixed $msg, int|string $level = LogLevel::ERROR, string|array $context = []): bool
Convenience method to write a message to Log. See Log::write() for more information on writing to logs.
Parameters
-
mixed
$msg Log message.
-
int|string
$level optional Error level.
-
string|array
$context optional Additional log data relevant to this message.
Returns
bool
read() ¶ public
read(string|null $key = null): string
Read the value of key path from request cookies.
This method will also allow you to read cookies that have been written in this request, but not yet sent to the client.
Parameters
-
string|null
$key optional Key of the value to be obtained.
Returns
string
setConfig() ¶ public
setConfig(string|array $key, mixed|null $value = null, bool $merge = true): $this
Sets the config.
Usage
Setting a specific value:
$this->setConfig('key', $value);
Setting a nested value:
$this->setConfig('some.nested.key', $value);
Updating multiple config settings at the same time:
$this->setConfig(['one' => 'value', 'another' => 'value']);
Parameters
-
string|array
$key The key to set, or a complete array of configs.
-
mixed|null
$value optional The value to set.
-
bool
$merge optional Whether to recursively merge or overwrite existing config, defaults to true.
Returns
$this
Throws
Cake\Core\Exception\Exception
When trying to set a key that is invalid.
write() ¶ public
write(string|array $key, mixed $value = null): void
Write a value to the response cookies.
You must use this method before any output is sent to the browser. Failure to do so will result in header already sent errors.
Parameters
-
string|array
$key Key for the value
-
mixed
$value optional Value
Returns
void
Property Detail
$_configInitialized ¶ protected
Whether the config property has already been configured with defaults
Type
bool
$_defaultConfig ¶ protected
Default config
expires
- How long the cookies should last for. Defaults to 1 month.path
- The path on the server in which the cookie will be available on. If path is set to '/foo/', the cookie will only be available within the /foo/ directory and all sub-directories such as /foo/bar/ of domain. The default value is base path of app. For e.g. if your app is running under a subfolder "cakeapp" of document root the path would be "/cakeapp/" else it would be "/".domain
- The domain that the cookie is available. To make the cookie available on all subdomains of example.com set domain to '.example.com'.secure
- Indicates that the cookie should only be transmitted over a secure HTTPS connection. When set to true, the cookie will only be set if a secure connection exists.key
- Encryption key used when encrypted cookies are enabled. Defaults to Security.salt.httpOnly
- Set to true to make HTTP only cookies. Cookies that are HTTP only are not accessible in JavaScript. Default false.encryption
- Type of encryption to use. Defaults to 'aes'.
Type
array
$_keyConfig ¶ protected
Config specific to a given top level key name.
The values in this array are merged with the general config to generate the configuration for a given top level cookie name.
Type
array
$_loaded ¶ protected
A map of keys that have been loaded.
Since CookieComponent lazily reads cookie data, we need to track which cookies have been read to account for read, delete, read patterns.
Type
array
$_registry ¶ protected
Component registry class used to lazy load components.
Type
Cake\Controller\ComponentRegistry
$_response ¶ protected deprecated
A reference to the Controller's Cake\Http\Response object. Currently unused.
Type
Cake\Http\Response|null
$_values ¶ protected
Values stored in the cookie.
Accessed in the controller using $this->Cookie->read('Name.key');
Type
array