Customizing SMF > SMF Coding Discussion

[WIP/BETA] EU cookie law

<< < (3/50) > >>

CircleDock:

--- Quote from: aljo1985 on April 22, 2012, 08:15:38 PM ---Hey emanuele,

Could you modify the code so that the cookie agreement only has to be accepted once. As there is no requirement for them to have to keep accepting on every visit.

I know you set the cookie to say its accepted, but would it not be best to store this value in the database?

--- End quote ---

That is precisely the way it is working at the moment! Emanuele's code tests for the presence of EITHER the "CookieAcceptance Cookie" (ecl_auth) OR a "regular members" cookie and if either is found, then there is no requirement to get another acceptance from the user.

There is a problem with his code, however, which has just occurred to me. If, having accepted cookies, the visitor then logs-on but does NOT set his session time to be 'forever', then his "regular members" cookie will be removed as indeed so will his "CookieAcceptanceCookie" when he closes his browser. The fix for that is very simple:

Search for:
--- Code: ---        setcookie('ecl_auth', 1, 0, '/');
--- End code ---

Replace with:
--- Code: ---        setcookie('ecl_auth', 1, time() + 189345600, '/');    // 60*60*24*365.25*6
--- End code ---

That will set a 6 year cookie (the same length of time as SMF's 'forever' cookie.

You can, if you wish, replace the numerical value 1 with a descriptive string so that the visitor will know the purpose of that cookie - eg:
--- Code: ---setcookie('ecl_auth', 'EU_Cookie_Acceptance', time() + 189345600, '/');
--- End code ---

You can not store the cookie acceptance value in the database because guests must also be prompted to accept cookies and, unless they register, they have no details to store in the database.

emanuele:
The first issue I opened is exactly about that. Make it 6 years is in my opinion a bit too much. I'd set it to no more that a month or a year.

P.S.
I'm playing with a couple of ideas, I hope to have something ready in the next few days. I think it will be...nice. :P

CircleDock:
Take a look at the attached package which is a combination of Javascript and PHP. It has the advantage of scalability as some EU nations may require separate "opt-ins" for first and third-party cookies (the UK currently does not require this).

You can see it in action here:

--- Code: ---http://www.allaboutcookies.org/

--- End code ---
but the only missing item is a link to a Privacy Policy page. That may be a configuration setting within the package.

I rather like this implementation as the acceptance window is modal and it also overcomes the problem of "shared PCs" - where the owner may not be aware of what cookies have been set by others using the computer.

feline:

--- Quote from: emanuele on April 26, 2012, 01:01:37 PM ---The first issue I opened is exactly about that. Make it 6 years is in my opinion a bit too much. I'd set it to no more that a month or a year.
--- End quote ---
I mean, that the max lifetime for cookies is limited to one year..  ::)

CircleDock:

--- Quote from: feline on April 27, 2012, 07:32:18 PM ---
--- Quote from: emanuele on April 26, 2012, 01:01:37 PM ---The first issue I opened is exactly about that. Make it 6 years is in my opinion a bit too much. I'd set it to no more that a month or a year.
--- End quote ---
I mean, that the max lifetime for cookies is limited to one year..  ::)

--- End quote ---
Yeah but as the cookie would expire and would/should be,removed by the browser, the member would have to re-accept cookies. The longer that is delayed, the better. in my view.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version