Customizing SMF > SMF Coding Discussion

[WIP/BETA] EU cookie law

<< < (23/46) > >>

feline:

--- Quote from: emanuele on May 24, 2012, 05:58:49 PM ---
--- Quote from: feline on May 24, 2012, 04:13:43 AM ---4. attach requests from guests they not have accepted ECL produce session errors
--- End quote ---
What do you mean by "attach requests"?

--- End quote ---
Look at Subs.php - function writeLog

--- Code: --- if (!empty($modSettings['who_enabled']))
{
$serialized = $_GET + array('USER_AGENT' => $_SERVER['HTTP_USER_AGENT']);

// In the case of a dlattach action, session_var may not be set.
if (!isset($context['session_var']))
Error->>> $context['session_var'] = $_SESSION['session_var'];

--- End code ---


--- Quote from: emanuele ---
--- Quote from: feline on May 24, 2012, 04:13:43 AM ---7. For Mobile devices not applicable
--- End quote ---
Why?

--- End quote ---
The screen is to big, to many text, so you see nothing of the content  ;)


--- Quote from: emanuele ---
--- Quote from: feline on May 24, 2012, 04:13:43 AM ---and much more problems they ends in a session error
--- End quote ---
That was expected, if anyone would mind to report when and where I can fix it.

--- End quote ---
I accumulate all the errors currently ...


--- Quote from: emanuele ---
--- Quote from: feline on May 24, 2012, 04:13:43 AM ---For WAP/WAP2/IMODE  and for Mobile devices the ECL accept is always Modal, because these devices are to small. Spider have always access to the site, also in Modal mode.

--- End quote ---
Well...I don't even care to show this to wap/2/imode: the register button is absent and if they login the know they accessing a service that needs cookies, so there is no problem as far as I'm concerned. For everything else the cookies are disabled.

--- End quote ---
This is not, what the ECL say .. you have to accept the cookies BEFORE you can take any action ...
So Login and Register must locked until the visutor have accept the ECL ..

ssullivan:

--- Quote from: feline on May 24, 2012, 06:31:21 PM ---
--- Quote from: emanuele ---
--- Quote from: feline on May 24, 2012, 04:13:43 AM ---7. For Mobile devices not applicable
--- End quote ---
Why?

--- End quote ---
The screen is to big, to many text, so you see nothing of the content  ;)
--- End quote ---
It's a lot of text, and they probably won't read it (since it will take them too much effort to do so), but they still have the right to accept or decline cookies. IMO.

feline:

--- Quote from: ssullivan on May 24, 2012, 08:25:39 PM ---It's a lot of text, and they probably won't read it (since it will take them too much effort to do so), but they still have the right to accept or decline cookies. IMO.

--- End quote ---
Yes .. but WE have a modal ECL accept on mobile devices .. can you see on our site  ;)

ssullivan:
I must accept it's a really neat solution. Maybe only trigger the message when the user clicks "register" or "login", so they aren't bothered by the same message in their screens on each page?
However I feel you'd have already done that if that was the case, there must be something I'm missing.

EDIT: Okay. The advertising and stats cookies. That's the reason  :D

CircleDock:

--- Quote from: feline on May 24, 2012, 06:31:21 PM ---This is not, what the ECL say .. you have to accept the cookies BEFORE you can take any action ...
So Login and Register must locked until the visutor have accept the ECL ..

--- End quote ---
That's not actually true. I'm not sure what the wording of the laws is for either the Danish or Latvian implementations of PECR. In the case of the UK's Data Privacy Act - which is known as the "Cookie Law" - a web site must not serve any cookie unless and until the visitor has specifically agreed to accept cookies from that web site. However the practical implications for SMF-powered sites is that visitors should be required to accept cookies in order to browse or register - particularly in view of the fact that the site may serve third-party cookies.

With that in mind, I would suggest that you remove the non-modal method and have only a modal dialog with a link to the privacy page that explains what cookies are served and their purpose. That, in my view, would ensure full compliance with UK Law - and probably PECR generally.

Incidentally, I have identified another cookie used by Google Analytics: "__utmv" which is a session cookie and appears to track which pages on the web site the visitor reads.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version