/src/php-src/ext/standard/head.c

Source
/*
   +----------------------------------------------------------------------+
   | Copyright (c) The PHP Group                                          |
   +----------------------------------------------------------------------+
   | This source file is subject to version 3.01 of the PHP license,      |
   | that is bundled with this package in the file LICENSE, and is        |
   | available through the world-wide-web at the following url:           |
   | https://www.php.net/license/3_01.txt                                 |
   | If you did not receive a copy of the PHP license and are unable to   |
   | obtain it through the world-wide-web, please send a note to          |
   | license@php.net so we can mail you a copy immediately.               |
   +----------------------------------------------------------------------+
   | Author: Rasmus Lerdorf <rasmus@lerdorf.on.ca>                        |
   +----------------------------------------------------------------------+
 */

#include <stdio.h>
#include "php.h"
#include "ext/standard/php_standard.h"
#include "ext/date/php_date.h"
#include "SAPI.h"
#include "php_main.h"
#include "head.h"
#include <time.h>

#include "php_globals.h"
#include "zend_smart_str.h"


/* Implementation of the language Header() function */
/* {{{ Sends a raw HTTP header */
PHP_FUNCTION(header)
{
  bool rep = 1;
  sapi_header_line ctr = {0};
  char *line;
  size_t len;

  ZEND_PARSE_PARAMETERS_START(1, 3)
    Z_PARAM_STRING(line, len)
    Z_PARAM_OPTIONAL
    Z_PARAM_BOOL(rep)
    Z_PARAM_LONG(ctr.response_code)
  ZEND_PARSE_PARAMETERS_END();

  ctr.line = line;
  ctr.line_len = len;
  sapi_header_op(rep ? SAPI_HEADER_REPLACE:SAPI_HEADER_ADD, &ctr);
}
/* }}} */

/* {{{ Removes an HTTP header previously set using header() */
PHP_FUNCTION(header_remove)
{
  sapi_header_line ctr = {0};
  char *line = NULL;
  size_t len = 0;

  ZEND_PARSE_PARAMETERS_START(0, 1)
    Z_PARAM_OPTIONAL
    Z_PARAM_STRING_OR_NULL(line, len)
  ZEND_PARSE_PARAMETERS_END();

  ctr.line = line;
  ctr.line_len = len;
  sapi_header_op(line == NULL ? SAPI_HEADER_DELETE_ALL : SAPI_HEADER_DELETE, &ctr);
}
/* }}} */

PHPAPI bool php_header(void)
{
  if (sapi_send_headers()==FAILURE || SG(request_info).headers_only) {
    return false; /* don't allow output */
  } else {
    return true; /* allow output */
  }
}

#define ILLEGAL_COOKIE_CHARACTER "\",\", \";\", \" \", \"\\t\", \"\\r\", \"\\n\", \"\\013\", or \"\\014\""
PHPAPI zend_result php_setcookie(zend_string *name, zend_string *value, time_t expires,
  zend_string *path, zend_string *domain, bool secure, bool httponly,
  zend_string *samesite, bool partitioned, bool url_encode)
{
  zend_string *dt;
  sapi_header_line ctr = {0};
  zend_result result;
  smart_str buf = {0};

  if (!ZSTR_LEN(name)) {
    zend_argument_must_not_be_empty_error(1);
    return FAILURE;
  }
  if (strpbrk(ZSTR_VAL(name), "=,; \t\r\n\013\014") != NULL) {   /* man isspace for \013 and \014 */
    zend_argument_value_error(1, "cannot contain \"=\", " ILLEGAL_COOKIE_CHARACTER);
    return FAILURE;
  }
  if (!url_encode && value &&
      strpbrk(ZSTR_VAL(value), ",; \t\r\n\013\014") != NULL) { /* man isspace for \013 and \014 */
    zend_argument_value_error(2, "cannot contain " ILLEGAL_COOKIE_CHARACTER);
    return FAILURE;
  }

  if (path && strpbrk(ZSTR_VAL(path), ",; \t\r\n\013\014") != NULL) { /* man isspace for \013 and \014 */
    zend_value_error("%s(): \"path\" option cannot contain " ILLEGAL_COOKIE_CHARACTER,
      get_active_function_name());
    return FAILURE;
  }
  if (domain && strpbrk(ZSTR_VAL(domain), ",; \t\r\n\013\014") != NULL) { /* man isspace for \013 and \014 */
    zend_value_error("%s(): \"domain\" option cannot contain " ILLEGAL_COOKIE_CHARACTER,
      get_active_function_name());
    return FAILURE;
  }
#ifdef ZEND_ENABLE_ZVAL_LONG64
  if (expires >= 253402300800) {
    zend_value_error("%s(): \"expires\" option cannot have a year greater than 9999",
      get_active_function_name());
    return FAILURE;
  }
#endif
  if (partitioned && !secure) {
    zend_value_error("%s(): \"partitioned\" option cannot be used without \"secure\" option",
      get_active_function_name());
    return FAILURE;
  }

  /* Should check value of SameSite? */

  if (value == NULL || ZSTR_LEN(value) == 0) {
    /*
     * MSIE doesn't delete a cookie when you set it to a null value
     * so in order to force cookies to be deleted, even on MSIE, we
     * pick an expiry date in the past
     */
    smart_str_appends(&buf, "Set-Cookie: ");
    smart_str_append(&buf, name);
    smart_str_appends(&buf, "=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0");
  } else {
    smart_str_appends(&buf, "Set-Cookie: ");
    smart_str_append(&buf, name);
    smart_str_appendc(&buf, '=');
    if (url_encode) {
      zend_string *encoded_value = php_raw_url_encode(ZSTR_VAL(value), ZSTR_LEN(value));
      smart_str_append(&buf, encoded_value);
      zend_string_release_ex(encoded_value, 0);
    } else {
      smart_str_append(&buf, value);
    }

    if (expires > 0) {
      double diff;

      smart_str_appends(&buf, COOKIE_EXPIRES);
      dt = php_format_date("D, d M Y H:i:s \\G\\M\\T", sizeof("D, d M Y H:i:s \\G\\M\\T")-1, expires, 0);

      smart_str_append(&buf, dt);
      zend_string_free(dt);

      diff = difftime(expires, php_time());
      if (diff < 0) {
        diff = 0;
      }

      smart_str_appends(&buf, COOKIE_MAX_AGE);
      smart_str_append_long(&buf, (zend_long) diff);
    }
  }

  if (path && ZSTR_LEN(path)) {
    smart_str_appends(&buf, COOKIE_PATH);
    smart_str_append(&buf, path);
  }
  if (domain && ZSTR_LEN(domain)) {
    smart_str_appends(&buf, COOKIE_DOMAIN);
    smart_str_append(&buf, domain);
  }
  if (secure) {
    smart_str_appends(&buf, COOKIE_SECURE);
  }
  if (httponly) {
    smart_str_appends(&buf, COOKIE_HTTPONLY);
  }
  if (samesite && ZSTR_LEN(samesite)) {
    smart_str_appends(&buf, COOKIE_SAMESITE);
    smart_str_append(&buf, samesite);
  }
  if (partitioned) {
    smart_str_appends(&buf, COOKIE_PARTITIONED);
  }

  ctr.line = ZSTR_VAL(buf.s);
  ctr.line_len = (uint32_t) ZSTR_LEN(buf.s);

  result = sapi_header_op(SAPI_HEADER_ADD, &ctr);
  zend_string_release(buf.s);
  return result;
}

static zend_result php_head_parse_cookie_options_array(HashTable *options, zend_long *expires, zend_string **path,
    zend_string **domain, bool *secure, bool *httponly, zend_string **samesite, bool *partitioned)
{
  zend_string *key;
  zval *value;

  ZEND_HASH_FOREACH_STR_KEY_VAL(options, key, value) {
    if (!key) {
      zend_value_error("%s(): option array cannot have numeric keys", get_active_function_name());
      return FAILURE;
    }
    if (zend_string_equals_literal_ci(key, "expires")) {
      *expires = zval_get_long(value);
    } else if (zend_string_equals_literal_ci(key, "path")) {
      *path = zval_get_string(value);
    } else if (zend_string_equals_literal_ci(key, "domain")) {
      *domain = zval_get_string(value);
    } else if (zend_string_equals_literal_ci(key, "secure")) {
      *secure = zval_is_true(value);
    } else if (zend_string_equals_literal_ci(key, "httponly")) {
      *httponly = zval_is_true(value);
    } else if (zend_string_equals_literal_ci(key, "samesite")) {
      *samesite = zval_get_string(value);
    } else if (zend_string_equals_literal_ci(key, "partitioned")) {
      *partitioned = zval_is_true(value);
    } else {
      zend_value_error("%s(): option \"%s\" is invalid", get_active_function_name(), ZSTR_VAL(key));
      return FAILURE;
    }
  } ZEND_HASH_FOREACH_END();
  return SUCCESS;
}

static void php_setcookie_common(INTERNAL_FUNCTION_PARAMETERS, bool is_raw)
{
  HashTable *options = NULL;
  zend_long expires = 0;
  zend_string *name, *value = NULL, *path = NULL, *domain = NULL, *samesite = NULL;
  bool secure = 0, httponly = 0, partitioned = false;

  ZEND_PARSE_PARAMETERS_START(1, 7)
    Z_PARAM_STR(name)
    Z_PARAM_OPTIONAL
    Z_PARAM_STR(value)
    Z_PARAM_ARRAY_HT_OR_LONG(options, expires)
    Z_PARAM_STR(path)
    Z_PARAM_STR(domain)
    Z_PARAM_BOOL(secure)
    Z_PARAM_BOOL(httponly)
  ZEND_PARSE_PARAMETERS_END();

  if (options) {
    if (UNEXPECTED(ZEND_NUM_ARGS() > 3)) {
      zend_argument_count_error("%s(): Expects exactly 3 arguments when argument #3 "
        "($expires_or_options) is an array", get_active_function_name());
      RETURN_THROWS();
    }

    if (FAILURE == php_head_parse_cookie_options_array(options, &expires, &path,
      &domain, &secure, &httponly, &samesite, &partitioned)
    ) {
      goto cleanup;
    }
  }

  if (php_setcookie(name, value, expires, path, domain, secure, httponly, samesite, partitioned, !is_raw) == SUCCESS) {
    RETVAL_TRUE;
  } else {
    RETVAL_FALSE;
  }

  if (options) {
cleanup:
    if (path) {
      zend_string_release(path);
    }
    if (domain) {
      zend_string_release(domain);
    }
    if (samesite) {
      zend_string_release(samesite);
    }
  }
}

/* {{{ setcookie(string name [, string value [, array options]])
   Send a cookie */
PHP_FUNCTION(setcookie)
{
  php_setcookie_common(INTERNAL_FUNCTION_PARAM_PASSTHRU, false);
}
/* }}} */

/* {{{ setrawcookie(string name [, string value [, array options]])
   Send a cookie with no url encoding of the value */
PHP_FUNCTION(setrawcookie)
{
  php_setcookie_common(INTERNAL_FUNCTION_PARAM_PASSTHRU, true);
}
/* }}} */


/* {{{ Returns true if headers have already been sent, false otherwise */
PHP_FUNCTION(headers_sent)
{
  zval *arg1 = NULL, *arg2 = NULL;
  const char *file="";
  int line=0;

  ZEND_PARSE_PARAMETERS_START(0, 2)
    Z_PARAM_OPTIONAL
    Z_PARAM_ZVAL(arg1)
    Z_PARAM_ZVAL(arg2)
  ZEND_PARSE_PARAMETERS_END();

  if (SG(headers_sent)) {
    line = php_output_get_start_lineno();
    file = php_output_get_start_filename();
  }

  switch(ZEND_NUM_ARGS()) {
  case 2:
    ZEND_TRY_ASSIGN_REF_LONG(arg2, line);
    ZEND_FALLTHROUGH;
  case 1:
    if (file) {
      ZEND_TRY_ASSIGN_REF_STRING(arg1, file);
    } else {
      ZEND_TRY_ASSIGN_REF_EMPTY_STRING(arg1);
    }
    break;
  }

  if (SG(headers_sent)) {
    RETURN_TRUE;
  } else {
    RETURN_FALSE;
  }
}
/* }}} */

/* {{{ php_head_apply_header_list_to_hash
   Turn an llist of sapi_header_struct headers into a numerically indexed zval hash */
static void php_head_apply_header_list_to_hash(void *data, void *arg)
{
  sapi_header_struct *sapi_header = (sapi_header_struct *)data;

  if (arg && sapi_header) {
    add_next_index_string((zval *)arg, (char *)(sapi_header->header));
  }
}

/* {{{ Return list of headers to be sent / already sent */
PHP_FUNCTION(headers_list)
{
  ZEND_PARSE_PARAMETERS_NONE();

  array_init(return_value);
  zend_llist_apply_with_argument(&SG(sapi_headers).headers, php_head_apply_header_list_to_hash, return_value);
}
/* }}} */

/* {{{ Sets a response code, or returns the current HTTP response code */
PHP_FUNCTION(http_response_code)
{
  zend_long response_code = 0;

  ZEND_PARSE_PARAMETERS_START(0, 1)
    Z_PARAM_OPTIONAL
    Z_PARAM_LONG(response_code)
  ZEND_PARSE_PARAMETERS_END();

  if (response_code)
  {
    if (SG(headers_sent) && !SG(request_info).no_headers) {
      const char *output_start_filename = php_output_get_start_filename();
      int output_start_lineno = php_output_get_start_lineno();

      if (output_start_filename) {
        php_error_docref(NULL, E_WARNING, "Cannot set response code - headers already sent "
          "(output started at %s:%d)", output_start_filename, output_start_lineno);
      } else {
        php_error_docref(NULL, E_WARNING, "Cannot set response code - headers already sent");
      }
      RETURN_FALSE;
    }

    if (SG(sapi_headers).http_status_line) {
      php_error_docref(NULL, E_WARNING, "Calling http_response_code() after header('HTTP/...') has no effect");
      // If it is decided that this should have effect in the future, replace warning with
      // efree(SG(sapi_headers).http_status_line);
      // SG(sapi_headers).http_status_line = NULL;
    }

    zend_long old_response_code;

    old_response_code = SG(sapi_headers).http_response_code;
    SG(sapi_headers).http_response_code = (int)response_code;

    if (old_response_code) {
      RETURN_LONG(old_response_code);
    }

    RETURN_TRUE;
  }

  if (!SG(sapi_headers).http_response_code) {
    RETURN_FALSE;
  }

  RETURN_LONG(SG(sapi_headers).http_response_code);
}
/* }}} */

Coverage Report

Created: 2025-09-27 06:26

Line	Count	Source
1		/*
2		+----------------------------------------------------------------------+
3		\| Copyright (c) The PHP Group \|
4		+----------------------------------------------------------------------+
5		\| This source file is subject to version 3.01 of the PHP license, \|
6		\| that is bundled with this package in the file LICENSE, and is \|
7		\| available through the world-wide-web at the following url: \|
8		\| https://www.php.net/license/3_01.txt \|
9		\| If you did not receive a copy of the PHP license and are unable to \|
10		\| obtain it through the world-wide-web, please send a note to \|
11		\| license@php.net so we can mail you a copy immediately. \|
12		+----------------------------------------------------------------------+
13		\| Author: Rasmus Lerdorf <rasmus@lerdorf.on.ca> \|
14		+----------------------------------------------------------------------+
15		*/
16
17		#include <stdio.h>
18		#include "php.h"
19		#include "ext/standard/php_standard.h"
20		#include "ext/date/php_date.h"
21		#include "SAPI.h"
22		#include "php_main.h"
23		#include "head.h"
24		#include <time.h>
25
26		#include "php_globals.h"
27		#include "zend_smart_str.h"
28
29
30		/* Implementation of the language Header() function */
31		/* {{{ Sends a raw HTTP header */
32		PHP_FUNCTION(header)
33	43	{
34	43	bool rep = 1;
35	43	sapi_header_line ctr = {0};
36	43	char *line;
37	43	size_t len;
38
39	129	ZEND_PARSE_PARAMETERS_START(1, 3)
40	172	Z_PARAM_STRING(line, len)
41	43	Z_PARAM_OPTIONAL
42	90	Z_PARAM_BOOL(rep)
43	6	Z_PARAM_LONG(ctr.response_code)
44	43	ZEND_PARSE_PARAMETERS_END();
45
46	43	ctr.line = line;
47	43	ctr.line_len = len;
48	43	sapi_header_op(rep ? SAPI_HEADER_REPLACE:SAPI_HEADER_ADD, &ctr);
49	43	}
50		/* }}} */
51
52		/* {{{ Removes an HTTP header previously set using header() */
53		PHP_FUNCTION(header_remove)
54	0	{
55	0	sapi_header_line ctr = {0};
56	0	char *line = NULL;
57	0	size_t len = 0;
58
59	0	ZEND_PARSE_PARAMETERS_START(0, 1)
60	0	Z_PARAM_OPTIONAL
61	0	Z_PARAM_STRING_OR_NULL(line, len)
62	0	ZEND_PARSE_PARAMETERS_END();
63
64	0	ctr.line = line;
65	0	ctr.line_len = len;
66	0	sapi_header_op(line == NULL ? SAPI_HEADER_DELETE_ALL : SAPI_HEADER_DELETE, &ctr);
67	0	}
68		/* }}} */
69
70		PHPAPI bool php_header(void)
71	278k	{
72	278k	if (sapi_send_headers()==FAILURE \|\| SG(request_info).headers_only) {
73	0	return false; /* don't allow output */
74	278k	} else {
75	278k	return true; /* allow output */
76	278k	}
77	278k	}
78
79	0	#define ILLEGAL_COOKIE_CHARACTER "\",\", \";\", \" \", \"\\t\", \"\\r\", \"\\n\", \"\\013\", or \"\\014\""
80		PHPAPI zend_result php_setcookie(zend_string name, zend_string value, time_t expires,
81		zend_string path, zend_string domain, bool secure, bool httponly,
82		zend_string *samesite, bool partitioned, bool url_encode)
83	0	{
84	0	zend_string *dt;
85	0	sapi_header_line ctr = {0};
86	0	zend_result result;
87	0	smart_str buf = {0};
88
89	0	if (!ZSTR_LEN(name)) {
90	0	zend_argument_must_not_be_empty_error(1);
91	0	return FAILURE;
92	0	}
93	0	if (strpbrk(ZSTR_VAL(name), "=,; \t\r\n\013\014") != NULL) { /* man isspace for \013 and \014 */
94	0	zend_argument_value_error(1, "cannot contain \"=\", " ILLEGAL_COOKIE_CHARACTER);
95	0	return FAILURE;
96	0	}
97	0	if (!url_encode && value &&
98	0	strpbrk(ZSTR_VAL(value), ",; \t\r\n\013\014") != NULL) { /* man isspace for \013 and \014 */
99	0	zend_argument_value_error(2, "cannot contain " ILLEGAL_COOKIE_CHARACTER);
100	0	return FAILURE;
101	0	}
102
103	0	if (path && strpbrk(ZSTR_VAL(path), ",; \t\r\n\013\014") != NULL) { /* man isspace for \013 and \014 */
104	0	zend_value_error("%s(): \"path\" option cannot contain " ILLEGAL_COOKIE_CHARACTER,
105	0	get_active_function_name());
106	0	return FAILURE;
107	0	}
108	0	if (domain && strpbrk(ZSTR_VAL(domain), ",; \t\r\n\013\014") != NULL) { /* man isspace for \013 and \014 */
109	0	zend_value_error("%s(): \"domain\" option cannot contain " ILLEGAL_COOKIE_CHARACTER,
110	0	get_active_function_name());
111	0	return FAILURE;
112	0	}
113	0	#ifdef ZEND_ENABLE_ZVAL_LONG64
114	0	if (expires >= 253402300800) {
115	0	zend_value_error("%s(): \"expires\" option cannot have a year greater than 9999",
116	0	get_active_function_name());
117	0	return FAILURE;
118	0	}
119	0	#endif
120	0	if (partitioned && !secure) {
121	0	zend_value_error("%s(): \"partitioned\" option cannot be used without \"secure\" option",
122	0	get_active_function_name());
123	0	return FAILURE;
124	0	}
125
126		/* Should check value of SameSite? */
127
128	0	if (value == NULL \|\| ZSTR_LEN(value) == 0) {
129		/*
130		* MSIE doesn't delete a cookie when you set it to a null value
131		* so in order to force cookies to be deleted, even on MSIE, we
132		* pick an expiry date in the past
133		*/
134	0	smart_str_appends(&buf, "Set-Cookie: ");
135	0	smart_str_append(&buf, name);
136	0	smart_str_appends(&buf, "=deleted; expires=Thu, 01 Jan 1970 00:00:01 GMT; Max-Age=0");
137	0	} else {
138	0	smart_str_appends(&buf, "Set-Cookie: ");
139	0	smart_str_append(&buf, name);
140	0	smart_str_appendc(&buf, '=');
141	0	if (url_encode) {
142	0	zend_string *encoded_value = php_raw_url_encode(ZSTR_VAL(value), ZSTR_LEN(value));
143	0	smart_str_append(&buf, encoded_value);
144	0	zend_string_release_ex(encoded_value, 0);
145	0	} else {
146	0	smart_str_append(&buf, value);
147	0	}
148
149	0	if (expires > 0) {
150	0	double diff;
151
152	0	smart_str_appends(&buf, COOKIE_EXPIRES);
153	0	dt = php_format_date("D, d M Y H:i:s \\G\\M\\T", sizeof("D, d M Y H:i:s \\G\\M\\T")-1, expires, 0);
154
155	0	smart_str_append(&buf, dt);
156	0	zend_string_free(dt);
157
158	0	diff = difftime(expires, php_time());
159	0	if (diff < 0) {
160	0	diff = 0;
161	0	}
162
163	0	smart_str_appends(&buf, COOKIE_MAX_AGE);
164	0	smart_str_append_long(&buf, (zend_long) diff);
165	0	}
166	0	}
167
168	0	if (path && ZSTR_LEN(path)) {
169	0	smart_str_appends(&buf, COOKIE_PATH);
170	0	smart_str_append(&buf, path);
171	0	}
172	0	if (domain && ZSTR_LEN(domain)) {
173	0	smart_str_appends(&buf, COOKIE_DOMAIN);
174	0	smart_str_append(&buf, domain);
175	0	}
176	0	if (secure) {
177	0	smart_str_appends(&buf, COOKIE_SECURE);
178	0	}
179	0	if (httponly) {
180	0	smart_str_appends(&buf, COOKIE_HTTPONLY);
181	0	}
182	0	if (samesite && ZSTR_LEN(samesite)) {
183	0	smart_str_appends(&buf, COOKIE_SAMESITE);
184	0	smart_str_append(&buf, samesite);
185	0	}
186	0	if (partitioned) {
187	0	smart_str_appends(&buf, COOKIE_PARTITIONED);
188	0	}
189
190	0	ctr.line = ZSTR_VAL(buf.s);
191	0	ctr.line_len = (uint32_t) ZSTR_LEN(buf.s);
192
193	0	result = sapi_header_op(SAPI_HEADER_ADD, &ctr);
194	0	zend_string_release(buf.s);
195	0	return result;
196	0	}
197
198		static zend_result php_head_parse_cookie_options_array(HashTable options, zend_long expires, zend_string **path,
199		zend_string *domain, bool secure, bool httponly, zend_string samesite, bool partitioned)
200	0	{
201	0	zend_string *key;
202	0	zval *value;
203
204	0	ZEND_HASH_FOREACH_STR_KEY_VAL(options, key, value) {
205	0	if (!key) {
206	0	zend_value_error("%s(): option array cannot have numeric keys", get_active_function_name());
207	0	return FAILURE;
208	0	}
209	0	if (zend_string_equals_literal_ci(key, "expires")) {
210	0	*expires = zval_get_long(value);
211	0	} else if (zend_string_equals_literal_ci(key, "path")) {
212	0	*path = zval_get_string(value);
213	0	} else if (zend_string_equals_literal_ci(key, "domain")) {
214	0	*domain = zval_get_string(value);
215	0	} else if (zend_string_equals_literal_ci(key, "secure")) {
216	0	*secure = zval_is_true(value);
217	0	} else if (zend_string_equals_literal_ci(key, "httponly")) {
218	0	*httponly = zval_is_true(value);
219	0	} else if (zend_string_equals_literal_ci(key, "samesite")) {
220	0	*samesite = zval_get_string(value);
221	0	} else if (zend_string_equals_literal_ci(key, "partitioned")) {
222	0	*partitioned = zval_is_true(value);
223	0	} else {
224	0	zend_value_error("%s(): option \"%s\" is invalid", get_active_function_name(), ZSTR_VAL(key));
225	0	return FAILURE;
226	0	}
227	0	} ZEND_HASH_FOREACH_END();
228	0	return SUCCESS;
229	0	}
230
231		static void php_setcookie_common(INTERNAL_FUNCTION_PARAMETERS, bool is_raw)
232	0	{
233	0	HashTable *options = NULL;
234	0	zend_long expires = 0;
235	0	zend_string name, value = NULL, path = NULL, domain = NULL, *samesite = NULL;
236	0	bool secure = 0, httponly = 0, partitioned = false;
237
238	0	ZEND_PARSE_PARAMETERS_START(1, 7)
239	0	Z_PARAM_STR(name)
240	0	Z_PARAM_OPTIONAL
241	0	Z_PARAM_STR(value)
242	0	Z_PARAM_ARRAY_HT_OR_LONG(options, expires)
243	0	Z_PARAM_STR(path)
244	0	Z_PARAM_STR(domain)
245	0	Z_PARAM_BOOL(secure)
246	0	Z_PARAM_BOOL(httponly)
247	0	ZEND_PARSE_PARAMETERS_END();
248
249	0	if (options) {
250	0	if (UNEXPECTED(ZEND_NUM_ARGS() > 3)) {
251	0	zend_argument_count_error("%s(): Expects exactly 3 arguments when argument #3 "
252	0	"($expires_or_options) is an array", get_active_function_name());
253	0	RETURN_THROWS();
254	0	}
255
256	0	if (FAILURE == php_head_parse_cookie_options_array(options, &expires, &path,
257	0	&domain, &secure, &httponly, &samesite, &partitioned)
258	0	) {
259	0	goto cleanup;
260	0	}
261	0	}
262
263	0	if (php_setcookie(name, value, expires, path, domain, secure, httponly, samesite, partitioned, !is_raw) == SUCCESS) {
264	0	RETVAL_TRUE;
265	0	} else {
266	0	RETVAL_FALSE;
267	0	}
268
269	0	if (options) {
270	0	cleanup:
271	0	if (path) {
272	0	zend_string_release(path);
273	0	}
274	0	if (domain) {
275	0	zend_string_release(domain);
276	0	}
277	0	if (samesite) {
278	0	zend_string_release(samesite);
279	0	}
280	0	}
281	0	}
282
283		/* {{{ setcookie(string name [, string value [, array options]])
284		Send a cookie */
285		PHP_FUNCTION(setcookie)
286	0	{
287	0	php_setcookie_common(INTERNAL_FUNCTION_PARAM_PASSTHRU, false);
288	0	}
289		/* }}} */
290
291		/* {{{ setrawcookie(string name [, string value [, array options]])
292		Send a cookie with no url encoding of the value */
293		PHP_FUNCTION(setrawcookie)
294	0	{
295	0	php_setcookie_common(INTERNAL_FUNCTION_PARAM_PASSTHRU, true);
296	0	}
297		/* }}} */
298
299
300		/* {{{ Returns true if headers have already been sent, false otherwise */
301		PHP_FUNCTION(headers_sent)
302	13	{
303	13	zval arg1 = NULL, arg2 = NULL;
304	13	const char *file="";
305	13	int line=0;
306
307	39	ZEND_PARSE_PARAMETERS_START(0, 2)
308	39	Z_PARAM_OPTIONAL
309	52	Z_PARAM_ZVAL(arg1)
310	52	Z_PARAM_ZVAL(arg2)
311	38	ZEND_PARSE_PARAMETERS_END();
312
313	13	if (SG(headers_sent)) {
314	0	line = php_output_get_start_lineno();
315	0	file = php_output_get_start_filename();
316	0	}
317
318	13	switch(ZEND_NUM_ARGS()) {
319	6	case 2:
320	6	ZEND_TRY_ASSIGN_REF_LONG(arg2, line);
321	6	ZEND_FALLTHROUGH;
322	13	case 1:
323	13	if (file) {
324	13	ZEND_TRY_ASSIGN_REF_STRING(arg1, file);
325	13	} else {
326	0	ZEND_TRY_ASSIGN_REF_EMPTY_STRING(arg1);
327	0	}
328	13	break;
329	13	}
330
331	13	if (SG(headers_sent)) {
332	5	RETURN_TRUE;
333	8	} else {
334	8	RETURN_FALSE;
335	8	}
336	13	}
337		/* }}} */
338
339		/* {{{ php_head_apply_header_list_to_hash
340		Turn an llist of sapi_header_struct headers into a numerically indexed zval hash */
341		static void php_head_apply_header_list_to_hash(void data, void arg)
342	0	{
343	0	sapi_header_struct sapi_header = (sapi_header_struct )data;
344
345	0	if (arg && sapi_header) {
346	0	add_next_index_string((zval )arg, (char )(sapi_header->header));
347	0	}
348	0	}
349
350		/* {{{ Return list of headers to be sent / already sent */
351		PHP_FUNCTION(headers_list)
352	0	{
353	0	ZEND_PARSE_PARAMETERS_NONE();
354
355	0	array_init(return_value);
356	0	zend_llist_apply_with_argument(&SG(sapi_headers).headers, php_head_apply_header_list_to_hash, return_value);
357	0	}
358		/* }}} */
359
360		/* {{{ Sets a response code, or returns the current HTTP response code */
361		PHP_FUNCTION(http_response_code)
362	0	{
363	0	zend_long response_code = 0;
364
365	0	ZEND_PARSE_PARAMETERS_START(0, 1)
366	0	Z_PARAM_OPTIONAL
367	0	Z_PARAM_LONG(response_code)
368	0	ZEND_PARSE_PARAMETERS_END();
369
370	0	if (response_code)
371	0	{
372	0	if (SG(headers_sent) && !SG(request_info).no_headers) {
373	0	const char *output_start_filename = php_output_get_start_filename();
374	0	int output_start_lineno = php_output_get_start_lineno();
375
376	0	if (output_start_filename) {
377	0	php_error_docref(NULL, E_WARNING, "Cannot set response code - headers already sent "
378	0	"(output started at %s:%d)", output_start_filename, output_start_lineno);
379	0	} else {
380	0	php_error_docref(NULL, E_WARNING, "Cannot set response code - headers already sent");
381	0	}
382	0	RETURN_FALSE;
383	0	}
384
385	0	if (SG(sapi_headers).http_status_line) {
386	0	php_error_docref(NULL, E_WARNING, "Calling http_response_code() after header('HTTP/...') has no effect");
387		// If it is decided that this should have effect in the future, replace warning with
388		// efree(SG(sapi_headers).http_status_line);
389		// SG(sapi_headers).http_status_line = NULL;
390	0	}
391
392	0	zend_long old_response_code;
393
394	0	old_response_code = SG(sapi_headers).http_response_code;
395	0	SG(sapi_headers).http_response_code = (int)response_code;
396
397	0	if (old_response_code) {
398	0	RETURN_LONG(old_response_code);
399	0	}
400
401	0	RETURN_TRUE;
402	0	}
403
404	0	if (!SG(sapi_headers).http_response_code) {
405	0	RETURN_FALSE;
406	0	}
407
408	0	RETURN_LONG(SG(sapi_headers).http_response_code);
409	0	}
410		/* }}} */