From c20c3959a395bc285ecf80d7eb1d4d9e03d708fd Mon Sep 17 00:00:00 2001
From: tianya <yanghuxiao@vip.qq.com>
Date: Fri, 24 Nov 2023 22:15:36 +0800
Subject: [PATCH] =?UTF-8?q?iframe=E7=9A=84cookie=E5=B1=9E=E6=80=A7samesite?=
 =?UTF-8?q?=E9=97=AE=E9=A2=98=E5=A4=84=E7=90=86?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 src/system/helpers/cookie.helper.php | 34 ++++++++++++++++++++++++----
 1 file changed, 29 insertions(+), 5 deletions(-)

diff --git a/src/system/helpers/cookie.helper.php b/src/system/helpers/cookie.helper.php
index fee8cea0..ae58fdc8 100755
--- a/src/system/helpers/cookie.helper.php
+++ b/src/system/helpers/cookie.helper.php
@@ -3,7 +3,7 @@ if (!defined('DEDEINC')) exit ('dedebiz');
 /**
  * Cookie处理助手
  *
- * @version        $id:cookie.helper.php 13:58 2010年7月5日 tianya $
+ * @version        $id:cookie.helper.php 2023年11月24日 tianya $
  * @package        DedeBIZ.Helpers
  * @copyright      Copyright (c) 2022 DedeBIZ.COM
  * @license        GNU GPL v2 (https://www.dedebiz.com/license)
@@ -22,8 +22,20 @@ if (!function_exists('PutCookie')) {
     function PutCookie($key, $value, $kptime = 0, $pa = "/")
     {
         global $cfg_cookie_encode, $cfg_domain_cookie;
-        setcookie($key, $value, time() + $kptime, $pa, $cfg_domain_cookie);
-        setcookie($key.'__ckMd5', substr(md5($cfg_cookie_encode.$value), 0, 16), time() + $kptime, $pa, $cfg_domain_cookie);
+        if(version_compare(PHP_VERSION, '7.3.0', '>=')){
+            $options = array(
+                "expires"=>time() + $kptime,
+                'path' => $pa,
+                'domain' => $cfg_domain_cookie,
+                'samesite' => 'None',
+                'secure' => true,
+            );
+            setcookie($key, $value, $options);
+            setcookie($key.'__ckMd5', substr(md5($cfg_cookie_encode.$value), 0, 16), $options);
+        } else {
+            setcookie($key, $value, time() + $kptime, $pa.'; SameSite=None; Secure', $cfg_domain_cookie);
+            setcookie($key.'__ckMd5', substr(md5($cfg_cookie_encode.$value), 0, 16), time() + $kptime, $pa.'; SameSite=None; Secure', $cfg_domain_cookie);
+        }
     }
 }
 /**
@@ -36,8 +48,20 @@ if (!function_exists('DropCookie')) {
     function DropCookie($key)
     {
         global $cfg_domain_cookie;
-        setcookie($key, '', time() - 360000, "/", $cfg_domain_cookie);
-        setcookie($key.'__ckMd5', '', time() - 360000, "/", $cfg_domain_cookie);
+        if(version_compare(PHP_VERSION, '7.3.0', '>=')){
+            $options = array(
+                "expires"=>time() - 360000,
+                'path' => "/",
+                'domain' => $cfg_domain_cookie,
+                'samesite' => 'None',
+                'secure' => true,
+            );
+            setcookie($key, "", $options);
+            setcookie($key.'__ckMd5', "", $options);
+        } else {
+            setcookie($key, '', time() - 360000, "/; SameSite=None; Secure", $cfg_domain_cookie);
+            setcookie($key.'__ckMd5', '', time() - 360000, "/; SameSite=None; Secure", $cfg_domain_cookie);
+        }
     }
 }
 /**