Customizing SMF > SMF Coding Discussion
[WIP/BETA] EU cookie law
CircleDock:
--- Quote from: Arantor on May 21, 2012, 08:08:21 PM ---
--- Quote ---Oh I agree with you but that's not the point. I'm too cynical to believe that the ICO will take action against another agency of government - including themselves!
--- End quote ---
What, the old boy's club? Heh, no chance.
But there are many provisions in the law itself (and not the layman's advice) about working towards compliance and that action, if taken, will be lessened if the site is making an effort towards compliance as best they are able.
--- End quote ---
But this is my whole point. If we were to adopt the ICO stance and claim we're waiting on a solution from our software providers, we'd be using that excuse for .... well, rather a long time. Let's face it, there's been no attempt by SMF, officially at least, to provide a solution - not helped, it has to be said, by certain staff virtually encouraging others (ie us Europeans) to break the law. But I rather imagine that were it to be US Federal Law, an update would have been issued to specifically address the issue. (Another reason to be grateful that Wedge is Anglo-French!)
CircleDock:
--- Quote from: Arantor on May 21, 2012, 08:20:21 PM ---That only solves a fraction of the problem, though, doubly so with logged in users (where both the main and session cookies get a 6 year life time) - some browsers actually treat that as end of session rather than 'from here on'.
--- End quote ---
Oh I'm not talking about logged-on users since they would have to accept cookies. I'm talking about guests who could be served both first and third-party cookies.
But I do agree, many browsers are broken in that respect so I guess it's a non-starter.
feline:
--- Quote from: CircleDock on May 21, 2012, 08:17:21 PM ---I don't know whether this would be satisfactory in compliance terms, but how about this: just before serving the page, check $_COOKIE and for each cookie found:
--- Code: ---setcookie("cookieName", "", mktime(12,0,0,1, 1, 1990));
--- End code ---
--- End quote ---
that should not work .. make a simple test with the default theme ..
click on the header upshrink icon .. look at the cookies and you find one "upshrink" ..
Because the site is not reloaded at this time you have a ECL violation ;)
Same problem if you have a non modal ECL accept ...
emanuele:
--- Quote from: CircleDock on May 21, 2012, 06:56:10 PM ---I'm not sure if Emanuele's modification is SMF's official answer to the issue but if not then what is?
--- End quote ---
No, it's not.
[Cynical mode ON]
At the moment it's just a personal way to play with cookies (that I know very less about), so from my personal point of view it's not even a way to address the problem. :P
[Cynical mode OFF]
If at any time the others think they want to adopt it anyway they are free to do.
--- Quote from: CircleDock on May 21, 2012, 06:56:10 PM ---The real answer - and the long-term solution - must come from SMF since it is their software that is serving the pages. Surely it must be possible for the "system" to strip-out cookies from the prepared pages prior to serving them?
--- End quote ---
Please note that even if SMF would provide a "long-term solution" it would be strictly related to the cookies set by SMF itself, SMF cannot in any way control 3rd-party cookies.
SMF cannot control GA or other tracking things added by the admin by means of a mod or direct code edit.
That said, what I'm (kind of) working on for this mod is a function that scans the files present in the SMF directories looking for setcookie and then gives an admin interface to deal with each cookie one by one (and hopefully to give users the possibility to accept single cookies too).
Unfortunately at the moment I'm already doing few other things and I don't have many time to dedicate to this idea (part of the code is already written, but a big part is not), if I can finish off the two IPB converters I'm working on (or if you find someone that wants to work on them instead of me :P) I'll come back to this.
nend:
With some installations of PHP you can rename the setcookie function. Then from there you can override it with a custom function that will check if the user has accepted cookies. From the overridden function you can call the renamed setcookie function.
The procedure above is only viable for those who have a optional Zend extension installed.
For the rest though why not set up a custom function for SMF that handles all cookies and sessions then start rewriting SMF to use that function throughout the entire source. This will be the first step and maybe you can encourage mod authors to use this function to set the cookie instead of PHP's function.
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version