badabingbreda/cookie-connector-ajax.php

## cookie-connector-ajax.php
<?php

add_action( 'wp_enqueue_scripts' , 'cookie_connector_secure_ajax', 10, 1 );

/**
 * Add Cookie Connector with secured access
 * add cookie security nonce that gets checked on call
 * @return [type] [description]
 */
function cookie_connector_secure_ajax() {
	wp_enqueue_script(
	  'cookie-connect-security',
	  COOKIECONNECTOR_URL . 'js/cookieconnector.js',
	  [ 'jquery' ],
	  false,
	  true
	);

	wp_localize_script(
	  'cookie-connect-security',
	  'cookie_ajax_object',
	  [
	    'ajax_url'  => admin_url( 'admin-ajax.php' ),
	    'security'  => wp_create_nonce( 'cookie-security-nonce' ),
	  ]
	);
}

add_action( 'wp_ajax_cookie_connector_set' , 'set_cookie' );
add_action( 'wp_ajax_cookie_connector_unset' , 'set_cookie' );
add_action( 'wp_ajax_nopriv_cookie_connector_set' , 'set_cookie' );
add_action( 'wp_ajax_nopriv_cookie_connector_unset' , 'set_cookie' );


/**
 * Set the cookie, check for security nonce first
 * check for accepted cookie compliance from Cookie Notice plugin (we don't want to piss people off)
 *
 * Set the cookie using
 * cn (cookie name)
 * cv (cookie value)
 * valid (validity in seconds)
 *
 */
function set_cookie() {

	if( ! check_ajax_referer( 'cookie-security-nonce' , 'security' ) ) {
		wp_send_json_error( 'Invalid security token sent.' );
		wp_die();
	}

	if ( !function_exists('cn_cookies_accepted') || !cn_cookies_accepted() ) {
	    wp_die();
	}

	if ( !defined( 'DOING_AJAX' ) ) define( 'DOING_AJAX' , TRUE );

	$cookie_name = isset( $_GET[ 'cn' ] ) ? $_GET['cn'] : false;

 	$cookie_value = isset( $_GET['cv'] ) ? $_GET['cv'] : false;

 	// serialize the data if it's an array
 	if ( is_array( $cookie_value ) ) $cookie_value = json_encode( $cookie_value );

 	if ( isset( $_GET['bool'] ) ) $cookie_value = (boolean) $cookie_value;

	if ( ! $cookie_name ) {
		wp_send_json_error( array( 'success'=> false , 'error' => '401', 'message' => 'cookie not set/unset, no name given. ( cn )' ) );
		wp_die();
	}
	if ( ! $cookie_value && $_GET['action'] == 'cookie_connect_set' ) {
		wp_send_json_error( array( 'success' => false, 'error' => '402', 'message' => 'cookie not set, no value given. ( cv )' ) );
		wp_die();
	}

 	$cookie_valid = isset( $_GET['valid'] ) ? $_GET['valid'] : 60 * 60;


 	if ( 'cookie_connector_unset' == $_GET['action'] ) {
	 	setcookie( $cookie_name , $cookie_value , time() - 1 , COOKIEPATH, COOKIE_DOMAIN , isset($_SERVER["HTTPS"]) );
 		wp_send_json( array( 'success' => true, 'message' => "Done unsetting cookie '{$cookie_name}'." ) );
 	} else {
	 	setcookie( $cookie_name , $cookie_value , time() + $cookie_valid , COOKIEPATH, COOKIE_DOMAIN , isset($_SERVER["HTTPS"]), true );
 		wp_send_json( array( 'success' => true, 'message' => "Done setting cookie '{$cookie_name}' to value '{$cookie_value}' with validity $cookie_valid seconds." ) );
 	}

 	wp_die();
}