History: Overview of Cookies Used in Tiki
Source of version: 6
Copy to clipboard
! Overview of Cookies Used in Tiki
!! List of cookies and consent requirements
Here is the list of cookies along with whether they require user consent and their duration:
"__Duration: default__" means that it is a session cookie, and it will expire once the session ends.
# 1 __comments.php__
The cookie is set twice without consent.
__Duration:__ default
__Name:__ comzone
__Use:__ The cookie value determines whether the comments section should be shown or hidden.
# 2 __tiki-discount.php__
The cookies are set once without consent.
__Duration:__ default
__Name:__ tabs
__Use:__ The tabs cookie is used to store the current tab that the user is viewing in the discount management interface.
# 3 __tiki-login.php__
The cookie is set once without consent.
__Duration:__ defined in $prefs'remembertime'
__Name:__ the cookie name is dynamically generated based on the site's configuration to avoid naming conflicts when multiple Tiki installations are on the same domain.
__Use:__ this cookie allows users to remain logged in even after closing the browser, as long as the cookie is valid and hasn't expired.
# 4 __tiki-setup_base.php__
The cookie is set once without consent.
__Duration:__ 1 year
__Name:__ Dynamic name in $extra_cookie_name
__Use:__ Used to confirm that the current user is indeed the owner of the session.
# 5 __tiki-setup.php__
The cookies are set once, require consent, and get deleted as per the user's preference.
# 6 __lib/tiki-js.js__
The script creates a custom `setCookie` function with the following features:
- Checks if the cookie already exists to avoid duplication.
- Handles expiration by defaulting to one year or session cookies.
- Integrates consent management by using an alternative storage mechanism (`tiki-cookie-jar.php`) when cookies are not allowed. If the alternative fails, it falls back to setting cookies in the browser directly.
In this file, the cookies are set once without consent.
__Duration: default__
# 7 __lib/tikiaccesslib.php__
The cookies are set once.
__Duration: default__ (likely does not require explicit consent as it is used for essential security purposes, e.g., CSRF protection).
# 8 __lib/tikilib.php__
The cookies are set once without consent.
__Duration: 300 days__
# 9 __lib/userslib.php__
This code deletes an existing cookie.
# 10 - __lib/banners/bannerlib.php__
The cookies are set once without consent.
__Duration__: 90 days (or until a specified date).
# 11 __lib/ckeditor_tiki/tiki-ckeditor.js__
The cookies are set three times without consent.
__Duration: default__
# 12 __lib/comments/commentslib.js__
The cookies are set three times without consent.
__Duration: default__
# 13 __lib/jquery_tiki/tiki-admin.js__
The cookies are set once without consent.
__Duration: default__
# 14 __lib/jquery_tiki/tiki-connect.js__
The cookies are set once without consent.
__Duration: default__
# 15 __lib/jquery_tiki/tiki-jquery.js__
The cookies are set eight times without consent.
__Duration: default__
# 16 __lib/setup/cookies.php__
The script sets cookies via `setcookie()` or stores them in `$_SESSION'tiki_cookie_jar'`.
When cookies are disabled without requesting explicit consent, the cookie duration is defined by the `$expire` parameter, defaulting to a session cookie if not specified.
# 17 __lib/setup/javascript.php__
The script sets cookies five times, does not request consent.
__Duration: default__
# 18 __lib/smarty_tiki/BlockHandler/Tabset.php__
The script sets the cookie once, does not request consent.
__Duration: default__
# 19 __lib/soap/soaplib.php__
The script sets cookies multiple times depending on the `$this->cookies` array, with the `allowCookies` variable suggesting that user consent is respected.
__Duration: default__
# 20 __lib/soap/nusoap/nusoap.php__
The script sets cookies multiple times via the `setCookie()` method, likely without explicit consent management within the method itself.
The cookies' duration is unspecified, defaulting to session cookies.
# 21 __lib/tikihelp/menu/ftiens4.js__
The script sets the cookie nine times, does not request consent.
__Duration: default__
# 22 __templates/remarksbox.tpl__
The cookies are set once without consent.
__Duration: default__
# 23 __templates/tiki-editpage.tpl__
The cookies are set once without consent.
__Duration: default__
# 24 __templates/tiki-preview.tpl__
The script sets cookies three times, does not request consent.
__Duration: default__
# 25 __templates/tiki-view_forum.tpl__
The script sets cookies twice, does not request consent.
__Duration: default__
# 26 __tiki_tests/tiki-tests_record.php__
The script sets cookies twice, does not request consent.
The cookies are session cookies (expire when the browser is closed).
__Duration: default__
# 27 __tiki_tests/tikitestslib.php__
The script sets cookies two times (to delete them by setting an expiration time in the past), does not request consent.
The cookies are set to expire immediately (`time() - 3600`).