modified cookie class. set application key on first request if not set.

2b12c0c1 · Taylor Otwell · 4cf7f0c6 · 2b12c0c1 · 2b12c0c1 · 2b12c0c1
Commit 2b12c0c1 authored Jan 31, 2012 by Taylor Otwell
6 changed files
--- a/application/config/application.php
+++ b/application/config/application.php
@@ -153,4 +153,4 @@ return array(
 		'View'       => 'Laravel\\View',
 	),

-);
+);
\ No newline at end of file
--- a/laravel/cookie.php
+++ b/laravel/cookie.php
@@ -2,11 +2,6 @@

 use Closure;

-if (trim(Config::get('application.key')) === '')
-{
-	throw new \Exception('The cookie class may not be used without an application key.');
-}
-
 class Cookie {

 	/**
@@ -27,6 +22,39 @@ class Cookie {
 		return ! is_null(static::get($name));
 	}

+	/**
+	 * Send all of the cookies to the browser.
+	 *
+	 * @return void
+	 */
+	public static function send()
+	{
+		if (headers_sent()) return false;
+
+		// All cookies are stored in the "jar" when set and not sent
+		// directly to the browser. This simply makes testing all of
+		// the cookie functionality easier since the cooke jar can
+		// be inspected by the developer in tests.
+		foreach (static::$jar as $cookie)
+		{
+			extract($cookie);
+
+			$time = ($minutes !== 0) ? time() + ($minutes * 60) : 0;
+
+			// A cookie payload can't exceed 4096 bytes, so if the
+			// payload is greater than that, we'll raise an error
+			// to warn the developer.
+			$value = static::sign($name, $value);
+
+			if (strlen($value) > 4000)
+			{
+				throw new \Exception("Payload too large for cookie.");
+			}
+
+			setcookie($name, $value, $time, $path, $domain, $secure);
+		}
+	}
+
 	/**
 	 * Get the value of a cookie.
 	 *
@@ -34,7 +62,7 @@ class Cookie {
 	 *		// Get the value of the "favorite" cookie
 	 *		$favorite = Cookie::get('favorite');
 	 *
-	 *		// Get the value of a cookie or return a default value if it doesn't exist
+	 *		// Get the value of a cookie or return a default value 
 	 *		$favorite = Cookie::get('framework', 'Laravel');
 	 * </code>
 	 *
@@ -44,6 +72,8 @@ class Cookie {
 	 */
 	public static function get($name, $default = null)
 	{
+		if (isset(static::$jar[$name])) return static::$jar[$name];
+
 		$value = array_get($_COOKIE, $name);

 		if ( ! is_null($value) and isset($value[40]) and $value[40] == '~')
@@ -69,8 +99,6 @@ class Cookie {
 	/**
 	 * Set the value of a cookie.
 	 *
-	 * If the response headers have already been sent, the cookie will not be set.
-	 *
 	 * <code>
 	 *		// Set the value of the "favorite" cookie
 	 *		Cookie::put('favorite', 'Laravel');
@@ -89,44 +117,7 @@ class Cookie {
 	 */
 	public static function put($name, $value, $minutes = 0, $path = '/', $domain = null, $secure = false)
 	{
-		$time = ($minutes !== 0) ? time() + ($minutes * 60) : 0;
-
-		$_COOKIE[$name] = $value = static::sign($name, $value);
-
-		// A cookie payload can't exceed 4096 bytes, so if the payload
-		// is greater than that, we'll raise an exception to warn the
-		// developer of the problem since it may cause bad problems.
-		if (strlen($value) > 4000)
-		{
-			throw new \Exception("Payload too large for cookie.");
-		}
-
-		static::$jar[$name] = compact(
-
-			'name', 'value', 'time', 'path', 'domain', 'secure'
-
-		);
-	}
-
-	/**
-	 * Send all of the cookies to the browser.
-	 *
-	 * @return void
-	 */
-	public static function send()
-	{
-		if (headers_sent()) return false;
-
-		// All cookies are stored in the "jar" when set and not sent
-		// immediately to the browser. This just makes testing the
-		// cookie functionality of an application much easier, as
-		// the jar can be inspected by the developer.
-		foreach (static::$jar as $cookie)
-		{
-			extract($cookie);
-
-			setcookie($name, $value, $time, $path, $domain, $secure);
-		}
+		static::$jar[$name] = compact('name', 'value', 'minutes', 'path', 'domain', 'secure');
 	}

 	/**

--- a/laravel/crypter.php
+++ b/laravel/crypter.php
 <?php namespace Laravel; defined('DS') or die('No direct script access.');

-if (trim(Config::get('application.key')) === '')
-{
-	throw new \Exception('The Crypter class may not be used without an application key.');
-}
-
 class Crypter {

 	/**

--- a/laravel/laravel.php
+++ b/laravel/laravel.php
@@ -7,6 +7,25 @@
 */
 require 'core.php';

+/**
+ * Verify that an application key has been set in the configuration.
+ * The key is used to do proper signature hashing on cookies, as
+ * well as keep various other parts of the framework secure, so
+ * it is a required configuration option.
+ */
+if (Config::$items['application']['application']['key'] == '')
+{
+	$key = Str::random(32);
+
+	Config::set('application.key', $key);
+
+	$config = File::get(path('app').'config/application'.EXT);
+
+	$config = str_replace("'key' => ''", "'key' => '{$key}'", $config);
+
+	File::put(path('app').'config/application'.EXT, $config);
+}
+
 /**
 * Register the default timezone for the application. This will be the
 * default timezone used by all date / timezone functions throughout
@@ -187,10 +206,7 @@ if (Config::get('session.driver') !== '')
 * to make testing the cookie functionality of the site
 * much easier since the jar can be inspected.
 */
-if (Config::get('application.key') !== '')
-{
-	Cookie::send();	
-}
+Cookie::send();	

 /**
 * Send the final response to the browser and fire the

--- a/laravel/session.php
+++ b/laravel/session.php
@@ -24,11 +24,6 @@ class Session {
 	 */
 	public static function start($driver)
 	{
-		if (Config::get('application.key') === '')
-		{
-			throw new \Exception("An application key is required to use sessions.");
-		}
-
 		static::$instance = new Session\Payload(static::factory($driver));
 	}


--- a/laravel/session/payload.php
+++ b/laravel/session/payload.php
@@ -8,11 +8,6 @@ use Laravel\Session;
 use Laravel\Session\Drivers\Driver;
 use Laravel\Session\Drivers\Sweeper;

-if (Config::get('application.key') === '')
-{
-	throw new \Exception("An application key is required to use sessions.");
-}
-
 class Payload {

 	/**