diff options
author | robocoder <anthon.pang@gmail.com> | 2010-12-18 16:41:53 +0300 |
---|---|---|
committer | robocoder <anthon.pang@gmail.com> | 2010-12-18 16:41:53 +0300 |
commit | ee6efcb8701c3378481c71245651e71389001084 (patch) | |
tree | 0a985d10c2212efcd4585b25aee78f0c8265eede /core/Cookie.php | |
parent | cc145e464d11db069176ddd1a4aa5da08a533c48 (diff) |
fixes #1900 - use safe_unserialize() for third-party content; for signed cookies, replace serialize/unserialize with more compact, json_encode()/json_decode()
git-svn-id: http://dev.piwik.org/svn/trunk@3460 59fd770c-687e-43c8-a1e3-f5a4ff64c105
Diffstat (limited to 'core/Cookie.php')
-rw-r--r-- | core/Cookie.php | 13 |
1 files changed, 3 insertions, 10 deletions
diff --git a/core/Cookie.php b/core/Cookie.php index 02bb1a2aee..17083f5708 100644 --- a/core/Cookie.php +++ b/core/Cookie.php @@ -67,7 +67,7 @@ class Piwik_Cookie const VALUE_SEPARATOR = ':'; /** - * Instanciate a new Cookie object and tries to load the cookie content if the cookie + * Instantiate a new Cookie object and tries to load the cookie content if the cookie * exists already. * * @param string cookie Name @@ -226,10 +226,7 @@ class Piwik_Cookie // no numeric value are base64 encoded so we need to decode them if(!is_numeric($varValue)) { - $varValue = base64_decode($varValue); - - // some of the values may be serialized array so we try to unserialize it - $varValue = Piwik_Common::unserialize_array($varValue); + $varValue = json_decode(base64_decode($varValue)); } $this->value[$varName] = $varValue; @@ -249,11 +246,7 @@ class Piwik_Cookie { if(!is_numeric($value)) { - if(is_array($value)) - { - $value = serialize($value); - } - $value = base64_encode($value); + $value = base64_encode(json_encode($value)); } $cookieStr .= "$name=$value" . self::VALUE_SEPARATOR; |