Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations strongm on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Allow cookies to only be created once user gives authorisation

Status
Not open for further replies.

star171

Programmer
Apr 13, 2012
18
GB
Hello,

I am wanting to have a prompt on my webpage load that asks the user if they allow the use of cookies, this is in line with new european directives that are due to come into force.

Once I get the user permission that is when I want the cookie to be set. I have the code to create the cookie and set the expiry on it to be 2 years:
Code:
<script type="text/javascript">
Set_Cookie( 'websitecookie', 'cookiecreated', 730, '/', '', '' )
{

var today = new Date();
today.setTime( today.getTime() );

if ( expires )
{
expires = expires 730*24*60*60000;
}
var expires_date = new Date( today.getTime() + (expires) );

document.cookie = name + "=" +escape( value ) +
( ( expires ) ? ";expires=" + expires_date.toGMTString() : "" ) +
( ( path ) ? ";path=" + path : "" ) +
( ( domain ) ? ";domain=" + domain : "" ) +
( ( secure ) ? ";secure" : "" );
}

</script>

My code for google analytics is in the page footer, can anyone help with an if statement around the analytics code, which looks to see if the cookie 'websitecookie' has been created then allow the analytics cookies, otherwise do not allow the google analytics cookies to be created.

thank you.
 
What I do is put on the page, or an additional page and state something like

"This site uses cookies for the optimal operation to store preferences and non-critical information. If you do not wish to use cookes, please disable them in your browser, or use a browser that does not support cookies"

Understand that I am in the US and do not know the detailsof what the European laws are enforcing and this may not work.

Walt
IT Consulting for Robert Half
 
Thanks NESWalt,

This is not allowed for European sites under the new laws which will be coming into force.

New laws make it compulsary for you to get the users consent, and until you don't get their consent you cannot place any cookies on this machine.

This is the reason why I want to have a checkbox or a button which is diplayed on the page and once the button is clicked or the checkbox selected, only then are the cookies created, otherwise no cookie is created on the clients machine.

thanks
 
Hi

What will happen if the visitor disagrees with the use of cookies ?
[ul]
[li]The site will drive him mad by asking for cookie permission before displaying every page.[/li]
[li]You will save their choice in a cookie.[/li]
[/ul]


Feherke.
 
Ideally we wouldn't want the visitor to disagree.

But if they disagree, then I don't want any cookies to be created. The cookie value if accepted will be accepted and if not it will be declined, if that is possible.
 
I think what feherke is getting at is that since he did not accept cookies, you'll be asking him about it on every page he visits on your site because since no cookies can be set as per their selection then there's no way to remember their choice on the matter.

Of course if the cookie checking will only happen in a single page then the point is mostly moot.

Anyway something like this should work.
Code:
function cookieExists(cookieName){

	if(!cookieName || cookieName=''){
		return false;
	}
	var cookies = document.cookie.split(";");
	var cookieNames = new Array();
	for( x in cookies){
		cookieNames.push(cookies[x].substr(0,cookies[x].indexOf("=")));
	}
	for(x in cookieNames){
		if(cookieNames[x] == cookieName){
			return true;
		}
	}
return false;
}


...


if(cookieExists('thecookieName')){

   //analytics code here

}







----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

Web & Tech
 
This just goes to show you the depth of stupidity that our lawmakers possess to "protect us from ourselves"... sigh

So, if a user decides not to use cookies, otherwise the site doesn't functino right, any idea of what you are going to do?



Walt
IT Consulting for Robert Half
 
Thanks vacunita, I will work with your solution.

Good question NESWalt, from all the current guidelines out there it seems if the user decides not to have cookies, they will end up getting a website that does not function well at all, the lawmakers do not seem to be too concerned about that.

 
I wonder if they actually considered the irony/paradox of having to set a cookie to indicate the users choice of NOT having cookies set??

If so, I bet it was a somewhat entertaining, Big Bang Theory style discussion.

Chris.

Indifference will be the downfall of mankind, but who cares?
Time flies like an arrow, however, fruit flies like a banana.
Webmaster Forum
 
Can i just run my code past you please, to check if I'm on the right track as javascript is not really my strong point.

Code:
<input type="checkbox" onclick="Set_Cookie()">

Header code to create the cookie:
Code:
<script type="text/javascript">
Set_Cookie( 'websitecookie', 'cookiecreated', 730, '/', '', '' )
{
// set time, it's in milliseconds
var today = new Date();
today.setTime( today.getTime() );

if ( expires )
{
expires = expires 730*24*60*60000;
}
var expires_date = new Date( today.getTime() + (expires) );

document.cookie = name + "=" +escape( value ) +
( ( expires ) ? ";expires=" + expires_date.toGMTString() : "" ) +
( ( path ) ? ";path=" + path : "" ) +
( ( domain ) ? ";domain=" + domain : "" ) +
( ( secure ) ? ";secure" : "" );
}

</script>

Code in the footer to

Code:
<script type="text/javascript">
function cookieExists(websitecookie){

    if(!websitecookie || websitecookie=''){
        return false;
    }
    var cookies = document.cookie.split(";");
    var cookieNames = new Array();
    for( x in cookies){
        cookieNames.push(cookies[x].substr(0,cookies[x].indexOf("=")));
    }
    for(x in cookieNames){
        if(cookieNames[x] == websitecookie){
            return true;
        }
    }
return false;
}
if(cookieExists('websitecookie')){

   //my analytics code here

}
</script>

Can you please advise if i am on the right tracks here?
 
I would load a front page that ask for permission to use cookies; if the user says no then branch to a second "web site" that does not use cookies at all. Which brings me to my main point; these new laws are going to require developers to develop dual sites for every site they develop. My Question to you all that these rules apply to: Do these laws apply only to sites that are on servers physically in Europe? If not, how do they plan to enforce this law on US servers?
 
Thanks Prattaratt,

The website i work with has thousands of pages so the option of another website which is cookie free would not be an option for us, however yes that still leaves the question of what to do with the people who say no to cookies...

As for the law, I don't think it relates to where the site is hosted, i think it is for sites that are based in Europe, so that information could be found from contact pages, however i'm not 100% sure on this.
 
Do you mean a popup prattarratt?

Can anyone have a look at my javascript code, to check if it is on the right lines?

thank you.
 
@ Ferhenke: You make it the index page
@ Star171: Hopefully, not all the pages would require the use of cookies. I would only revamp the ones that do and check for the existance of the cookie that is created at the permission page; if it does not exist, then load the non cookie-page.
 
right off the bat I see several errors:

Code:
<script type="text/javascript">
[green]//missing 'function' declaration here[/green]Set_Cookie( 'websitecookie', 'cookiecreated', 730, '/', '', '' ) [green]//You are defining values you never use, without any variable name so can't actually be used even if you wanted to[/green]
{
// set time, it's in milliseconds
var today = new Date();
today.setTime( today.getTime() );
[green]//expires is never set anywhere so it will always be false[/green]
if ( expires )
{
expires = expires 730*24*60*60000; [green]//not sure what you are trying to do there Expires equals expires and then you have some numbers being multiplied next to it, but that have no bearing on it?  Maybe a missing multiplier? "*" [/green]
}
var expires_date = new Date( today.getTime() + (expires) );

document.cookie = name + "=" +escape( value ) +
( ( expires ) ? ";expires=" + expires_date.toGMTString() : "" ) +
( ( path ) ? ";path=" + path : "" ) +
( ( domain ) ? ";domain=" + domain : "" ) +
( ( secure ) ? ";secure" : "" );
}

</script>

Other than that, the general logic is o.k. to create the cookie.

----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

Web & Tech
 
changed it to below but still not getting the cookie set:

Code:
function Set_Cookie( name, value, expires, path, domain, secure )
{
name = websitecookie;
value = cookiecreated;
// set time, it's in milliseconds

var today = new Date();
today.setTime( today.getTime() );

if ( expires )
{
expires = expires 730*24*60*60000;
}
var expires_date = new Date( today.getTime() + (expires) );

document.cookie = name + "=" +escape( value ) +
( ( expires ) ? ";expires=" + expires_date.toGMTString() : "" ) +
( ( path ) ? ";path=" + path : "" ) +
( ( domain ) ? ";domain=" + domain : "" ) +
( ( secure ) ? ";secure" : "" );
}

</script>
 
There are still errors:

Code:
function Set_Cookie( name, value, expires, path, domain, secure )
{
name = websitecookie; [green]//websitecookie isn't defined anywhere[/green]
value = cookiecreated; [green]//Same as above[/green]
// set time, it's in milliseconds

var today = new Date();
today.setTime( today.getTime() );

if ( expires )
{
expires = expires 730*24*60*60000; [green]//Same issue as before. I'm guessing you want to multiply "expires" by the numbers that follow. missing the "*" multiplier. [/green]
}
var expires_date = new Date( today.getTime() + (expires) );

document.cookie = name + "=" +escape( value ) +
( ( expires ) ? ";expires=" + expires_date.toGMTString() : "" ) +
( ( path ) ? ";path=" + path : "" ) +
( ( domain ) ? ";domain=" + domain : "" ) +
( ( secure ) ? ";secure" : "" );
}

</script>



----------------------------------
Phil AKA Vacunita
----------------------------------
Ignorance is not necessarily Bliss, case in point:
Unknown has caused an Unknown Error on Unknown and must be shutdown to prevent damage to Unknown.

Web & Tech
 
Thanks for your help vacunita,

name = websitecookie;
value = cookiecreated;

I thought i defined the variable in the:
Code:
function Set_Cookie( name, value, expires, path, domain, secure )

Can you please advise how to sort this please?
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top