From 8d2b7101f43009dc0c2e028dd7e119aeb3fafa94 Mon Sep 17 00:00:00 2001
From: Kijin Sung
Date: Tue, 24 Oct 2023 23:09:50 +0900
Subject: [PATCH] Use Cookie class to control session and member-related cookies, too
---
 common/framework/Session.php | 47 ++-----------------
 modules/member/controllers/Device.php | 7 ++-
 .../ncenterlite/ncenterlite.controller.php | 2 +-
 3 files changed, 11 insertions(+), 45 deletions(-)
diff --git a/common/framework/Session.php b/common/framework/Session.php
index 614d05097..73e7753f5 100644
--- a/common/framework/Session.php
+++ b/common/framework/Session.php
@@ -235,7 +235,7 @@ class Session
 if (!isset($_COOKIE['rx_login_status']) || $_COOKIE['rx_login_status'] !== $value)
 {
 list($lifetime, $refresh_interval, $domain, $path, $secure, $httponly, $samesite) = self::_getParams();
- self::_setCookie('rx_login_status', $value, array(
+ Cookie::set('rx_login_status', $value, array(
 'expires' => 0,
 'path' => $path,
 'domain' => $domain,
@@ -277,7 +277,7 @@ class Session
 if(!$is_default_domain && !\Context::get('sso_response') && $_COOKIE['sso'] !== md5($current_domain))
 {
 // Set sso cookie to prevent multiple simultaneous SSO validation requests.
- self::_setCookie('sso', md5($current_domain), array(
+ Cookie::set('sso', md5($current_domain), array(
 'expires' => 0,
 'path' => '/',
 'domain' => null,
@@ -439,7 +439,7 @@ class Session
 if ($refresh_cookie)
 {
 self::destroyCookiesFromConflictingDomains(array(session_name()));
- self::_setCookie(session_name(), session_id(), $options);
+ Cookie::set(session_name(), session_id(), $options);
 if (self::$_autologin_key = self::_getAutologinKey())
 {
 self::setAutologinKeys(substr(self::$_autologin_key, 0, 24), substr(self::$_autologin_key, 24, 24));
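Review bot: The guard `$_COOKIE['rx_login_status'] !== $value` in the `@@ -235` hunk only suppresses repeat headers within a request if the setter also writes the new value back into `$_COOKIE`, which the removed `_setCookie()` did on success (`$_COOKIE[$name] = $value;`). `Cookie::set()` is not part of this patch, so whether it mirrors the value is an assumption to confirm; the same dependency applies to the session-cookie call in the `@@ -439` hunk and the `rx_autologin` call in the `@@ -1155` hunk. If it does, a comment above this call such as `// Cookie::set() also updates $_COOKIE, so the check above skips repeat headers` would record that. The enclosing method starts and ends outside the hunk.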
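Review bot: The explicit `'domain' => null` on the `sso` cookie in the `@@ -277` hunk now depends on how `Cookie::set()` treats a null option, and that helper is outside this patch. If it substitutes a configured default domain for null, the cookie's scope would widen from the current host to that domain, which is a behaviour change the removed `_setCookie()` did not make. A comment such as `// domain stays null on purpose: the sso marker is host-only` above the call would document the requirement. The condition on the context line also reads `$_COOKIE['sso']` without an existence check; `($_COOKIE['sso'] ?? '') !== md5($current_domain)` avoids the undefined-index warning on a first visit.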
@@ -1079,45 +1079,6 @@ class Session
 }
 }
- /**
- * Set cookie (for compatibility with PHP < 7.3)
- *
- * @param string $name
- * @param string $value
- * @param array $options
- * @return bool
- */
- protected static function _setCookie(string $name, string $value, array $options = []): bool
- {
- $name = strval($name);
- $value = strval($value);
-
- if (PHP_VERSION_ID >= 70300)
- {
- $result = setcookie($name, $value, $options);
- }
- else
- {
- $expires = $options['expires'] ?? 0;
- $path = $options['path'] ?? null;
- $domain = $options['domain'] ?? null;
- $secure = $options['secure'] ?? null;
- $httponly = $options['httponly'] ?? null;
- $samesite = $options['samesite'] ?? '';
- if ($samesite)
- {
- $path = ($path ?: '/') . '; SameSite=' . $samesite;
- }
- $result = setcookie($name, $value, $expires, $path, $domain, $secure, $httponly);
- }
-
- if ($result)
- {
- $_COOKIE[$name] = $value;
- }
- return $result;
- }
-
 /**
 * Unset cookie.
 *
@@ -1155,7 +1116,7 @@ class Session
 {
 $_SESSION['RHYMIX']['autologin_key'] = $autologin_key . $security_key;
 self::destroyCookiesFromConflictingDomains(array('rx_autologin'));
- self::_setCookie('rx_autologin', $autologin_key . $security_key, array(
+ Cookie::set('rx_autologin', $autologin_key . $security_key, array(
 'expires' => $lifetime,
 'path' => $path,
 'domain' => $domain,
diff --git a/modules/member/controllers/Device.php b/modules/member/controllers/Device.php
index 639119388..8efe7564b 100644
--- a/modules/member/controllers/Device.php
+++ b/modules/member/controllers/Device.php
@@ -2,6 +2,8 @@
 namespace Rhymix\Modules\Member\Controllers;
+use Rhymix\Framework\Cookie;
+
 class Device extends \Member
 {
 /**
@@ -412,7 +414,10 @@ class Device extends \Member
 }
 else
 {
- setcookie('device_key', $member_srl . ':' . $device_key, time() + 60, \RX_BASEURL, null, !!config('session.use_ssl_cookies'), true);
+ Cookie::set('device_key', $member_srl . ':' . $device_key, [
+ 'expires' => time() + 60,
+ 'httponly' => true,
+ ]);
 }
 }
 }
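Review bot: The new `Cookie::set('device_key', …)` call in the `@@ -412` hunk of Device.php no longer passes the path (`\RX_BASEURL`) and Secure flag (`!!config('session.use_ssl_cookies')`) that the removed `setcookie()` call set explicitly, so both now depend on defaults inside `Cookie::set()`, which this patch does not show. Because the value carries `$member_srl` and `$device_key`, those attributes are worth keeping explicit: add `'path' => \RX_BASEURL,` and `'secure' => !!config('session.use_ssl_cookies'),` to the options array. A `'samesite'` entry, as the Session.php calls receive from `_getParams()`, would also make the cookie's cross-site behaviour deliberate rather than inherited. The enclosing method begins outside the hunk.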
diff --git a/modules/ncenterlite/ncenterlite.controller.php b/modules/ncenterlite/ncenterlite.controller.php
index bee310b9b..544d2f79e 100644
--- a/modules/ncenterlite/ncenterlite.controller.php
+++ b/modules/ncenterlite/ncenterlite.controller.php
@@ -1122,7 +1122,7 @@ class NcenterliteController extends Ncenterlite
 }
 if(!empty($_COOKIE['_ncenterlite_hide_id']))
 {
- setcookie('_ncenterlite_hide_id', '', 0, '/');
+ Rhymix\Framework\Cookie::remove('_ncenterlite_hide_id', ['path' => '/']);
 }
 $oMemberModel = getModel('member');
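Review bot: A removal header only clears a cookie when its path and domain match the ones it was set with, and the removed call sent path `/` with no domain. `Cookie::remove()` receives only `['path' => '/']`, so if it fills in a configured default domain (not visible in this patch) the host-only `_ncenterlite_hide_id` cookie may survive and this branch would keep firing. Confirm that behaviour, and record the result in a comment such as `// must match the path/domain used when the cookie was set`. The class is also referenced without a leading backslash or a `use` import, unlike Device.php in this commit; `\Rhymix\Framework\Cookie::remove(...)` would be unambiguous. The enclosing method starts and ends outside the hunk.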