Customizing SMF > SMF Coding Discussion

[WIP/BETA] EU cookie law

<< < (41/46) > >>

MadTogger:
Hi,

just a quick question.

If my current members have accepted the cookie policy and I then install a MOD which creates a new cookie, how do I allow them to re-opt in if you know what I mean.

At the moment I have added the new cookie to the 'ecl_privacynotice.txt' file, which will display on new registrations and I send out a newsletter explaining the new cookie addition to my current members.

I suppose what I am wondering is if there is a way to re-initialise the acceptance header when new cookies are added.

Kind regards..,

MT

emanuele:
That's becoming complicated.

The only way (for the current implementation) I can think of to workaround this is to change the name of the "acceptance" cookie:

--- Code: --- elseif (isset($_COOKIE['ecl_auth']) || isset($_COOKIE[$cookiename]))
$storeCookies = true;
elseif (isset($_GET['cookieaccept']) || $override_accept)
{
setcookie('ecl_auth', 1, 0, '/');
--- End code ---
'ecl_auth' in the 1st and last line here.
That said, of course if a user is already logged in the bar will not be presented. Again you could workaround this limitation change also SMF's cookie name, that should "logout" all your users and force them to accept again everything.

CircleDock:
Alternatively you could serialise the names of all the cookies being accepted and store that data in the authorisation cookie. You'd also need to alter the "ecl_authorized_cookies" function to additionally read that data and compare the cookie names with those found in the $_COOKIE array; if an extra cookie is found (ie the one you just added) then the function should delete the authorisation cookie (by expiring it) and ecl_authorized_cookies() should return false.

This replacement function and the two additional ones that follow should do the trick:

--- Code: ---function ecl_authorized_cookies($override_accept = false)
{

    global $cookiename, $modSettings;

    static $storeCookies;
   
    if (isset($storeCookies) && !$override_accept)
        return $storeCookies;
   
    // Have any additional cookies been added?
    if  (!ecl_check_cookies())
        return false;

    if (isset($_SERVER['HTTP_X_MOZ']) && $_SERVER['HTTP_X_MOZ'] == 'prefetch' &&
        isset($_GET['cookieaccept']))
        $storeCookies = false;

    elseif (isset($_COOKIE['ecl_auth'])) // || isset($_COOKIE[$cookiename]))

        $storeCookies = true;

    elseif (isset($_GET['cookieaccept']))
    {
        ecl_setcookie(); // Set a 6 year cookie, the same as a "Forever" cookie in SMF
        $storeCookies = true;
    } else
        $storeCookies = false;

    if ((isset($_COOKIE[$cookiename])) && (!isset($_COOKIE['ecl_auth'])) && $storeCookies)
        [color=red]ecl_setcookie(); // Set a 6 year cookie, the same as a "Forever" cookie in SMF[/color]

    if (!$storeCookies && !empty($modSettings['ecl_strict_interpretation']))
        $modSettings['registration_method'] = 4;


    return $storeCookies;

}

// Checks if any additional cookies were set by the site since the last
// time the visitor was asked to accept cookies. If any were added, expire
// our cookie and return false (to signal that re-acceptance should be sought).
function ecl_check_cookies()
{
    $parts = explode('=', $_COOKIE['ecl_auth']);
    $accepted_cookies = explode('|', $parts[1]);
    // If our cookie has already been expired ...
    if (isempty($accepted_cookies))
        return false;
    //       
    $noExtraFound = true;
    foreach($_COOKIES as $cookie) {
        $_parts = explode('=', $cookie);
        if (!in_array($_parts[0], $accepted_cookies)) {
            $noExtraFound = false;
            break;
        }
    }
    if ($noExtraFound == false)
        setcookie('ecl_auth','', time()-3600, '/');

    return $extraFound;           
}

// Set our authorisation cookie to include all the names of the cookies
// currently set for this domain.
function ecl_setcookie()
{
    $cookies = 'ecl_auth|';  // Must include this!
    foreach($_COOKIES as $cookie) {
        $part = explode('=', $cookie);
        $cookies .= $part[0] . '|';
    }
    setcookie('ecl_auth', $cookies, time()+189345600, '/');
}

--- End code ---

Caveat: this code should work but it is untested!

fma965:
well my issue with prettyURLs and this still stands. no response from the prettyURL thread.

FrizzleFried:
I'm ignoring this "law".   If/when I ever get something in the mail from a lawyer,  I'll worry about it.  Until then,  they all can pound sand for all I care.

Navigation

[0] Message Index

[#] Next page

[*] Previous page

Go to full version