<?php

/*
 * This file is part of the package thucke/th-rating.
 *
 * For the full copyright and license information, please read the
 * LICENSE file that was distributed with this source code.
 */

namespace WapplerSystems\BookmarksLikesRatings\Service;

use TYPO3\CMS\Core\Log\LogLevel;
use TYPO3\CMS\Core\Utility\GeneralUtility;

/**
 * Service for setting cookies like Typo3 does
 *
 * @version $Id:$
 * @license http://opensource.org/licenses/gpl-license.php GNU protected License, version 2
 */
class CookieService extends AbstractExtensionService
{
    /**
     * Indicator for cookieProtection has been set
     * @var bool
     */
    protected $cookieProtection = false;

    /**
     * Gets the domain to be used on setting cookies.
     * The information is taken from the value in $GLOBALS['TYPO3_CONF_VARS']['SYS']['cookieDomain'].
     * Protected function taken from t3lib_userAuth (t3 4.7.7)
     *
     * @return string  The domain to be used on setting cookies
     */
    protected function getCookieDomain()
    {
        $result = '';
        $cookieDomain = $GLOBALS['TYPO3_CONF_VARS']['SYS']['cookieDomain'];
        // If a specific cookie domain is defined for a given TYPO3_MODE,
        // use that domain
        if (!empty($GLOBALS['TYPO3_CONF_VARS']['FE']['cookieDomain'])) {
            $cookieDomain = $GLOBALS['TYPO3_CONF_VARS']['FE']['cookieDomain'];
        }
        if ($cookieDomain) {
            if ($cookieDomain[0] === '/') {
                $match = [];
                /** @noinspection PhpUsageOfSilenceOperatorInspection */
                $matchCnt = @preg_match(
                    $cookieDomain,
                    GeneralUtility::getIndpEnv('TYPO3_HOST_ONLY'),
                    $match
                );
                if ($matchCnt === false) {
                    $this->logger->log(
                        LogLevel::ERROR,
                        'getCookieDomain: The regular expression for the cookie domain contains errors.' .
                        'The session is not shared across sub-domains.',
                        ['cookieDomain' => $cookieDomain, 'errorCode' => 1399137882]
                    );
                } elseif ($matchCnt) {
                    $result = $match[0];
                }
            } else {
                $result = $cookieDomain;
            }
        }

        return $result;
    }

    /**
     * Sets the cookie
     * Protected function taken from t3lib_userAuth (t3 4.7.7)
     *
     * @param    string $cookieName identifier for the cookie
     * @param    string $cookieValue cookie value
     * @param    int $cookieExpire expire time for the cookie (UNIX timestamp)
     *
     * @throws Exception
     */
    public function setVoteCookie($cookieName, $cookieValue, $cookieExpire = 0): void
    {
        // do not set session cookies
        if (!empty($cookieExpire)) {
            $settings = $GLOBALS['TYPO3_CONF_VARS']['SYS'];
            // Get the domain to be used for the cookie (if any):
            $cookieDomain = $this->getCookieDomain();
            // If no cookie domain is set, use the base path:
            $cookiePath = ($cookieDomain ? '/' : GeneralUtility::getIndpEnv('TYPO3_SITE_PATH'));
            // Use the secure option when the current request is served by a secure connection:
            $cookieSecure = (bool)$settings['cookieSecure'] && GeneralUtility::getIndpEnv('TYPO3_SSL');
            // Deliver cookies only via HTTP and prevent possible XSS by JavaScript:
            $cookieHttpOnly = (bool)$settings['cookieHttpOnly'];

            // Do not set cookie if cookieSecure is set to "1" (force HTTPS) and no secure channel is used:
            if ((int)$settings['cookieSecure'] !== 1 || GeneralUtility::getIndpEnv('TYPO3_SSL')) {
                setcookie(
                    $cookieName,
                    $cookieValue,
                    (int)$cookieExpire,
                    $cookiePath,
                    $cookieDomain,
                    $cookieSecure,
                    $cookieHttpOnly
                );
                $this->cookieProtection = true;
                $this->logger->log(
                    LogLevel::INFO,
                    'setVoteCookie: Cookie set',
                    [
                                        'cookieName' => $cookieName,
                                        'cookieValue' => $cookieValue,
                                        'cookieExpire' => $cookieExpire,
                                        'cookiePath' => $cookiePath,
                                        'cookieDomain' => $cookieDomain,
                                        'cookieSecure' => $cookieSecure,
                                        'cookieHttpOnly' => $cookieHttpOnly,
                                    ]
                );
            } else {
                throw new Exception(
                    "Cookie was not set since HTTPS was forced in \$GLOBALS['TYPO3_CONF_VARS'][SYS][cookieSecure].",
                    1254325546
                );
            }
        }
    }

    /**
     * Return if cookie protection has been set
     *
     * @return bool
     */
    public function isProtected()
    {
        return $this->cookieProtection;
    }
}