History: Overview of Cookies Used in Tiki
Source of version: 17 (current)
Copy to clipboard
! Overview of Cookies Used in Tiki !! List of cookies and consent requirements Here is the list of cookies along with whether they require user consent and their duration: "__Duration: default__" means that it is a session cookie, and it will expire once the session ends. # 1 __comments.php__ The cookie is set twice without consent. __Duration:__ default __Name:__ comzone __Use:__ The cookie value determines whether the comments section should be shown or hidden. # 2 __tiki-discount.php__ The cookies are set once without consent. __Duration:__ default __Name:__ tabs __Use:__ The tabs cookie is used to store the current tab that the user is viewing in the discount management interface. # 3 __tiki-login.php__ The cookie is set once without consent. __Duration:__ defined in $prefs'remembertime' __Name:__ the cookie name is dynamically generated based on the site's configuration to avoid naming conflicts when multiple Tiki installations are on the same domain. __Use:__ this cookie allows users to remain logged in even after closing the browser, as long as the cookie is valid and hasn't expired. # 4 __tiki-setup_base.php__ The cookie is set once without consent. __Duration:__ 1 year __Name:__ Dynamic value from $extra_cookie_name __Use:__ Used to confirm that the current user is indeed the owner of the session. # 5 __tiki-setup.php__ The cookies are set once, require consent, and get deleted as per the user's preference. # 6 __lib/tiki-js.js__ The script creates a custom `setCookie` function with the following features: - Checks if the cookie already exists to avoid duplication. - Handles expiration by defaulting to one year or session cookies. - Integrates consent management by using an alternative storage mechanism (`tiki-cookie-jar.php`) when cookies are not allowed. If the alternative fails, it falls back to setting cookies in the browser directly. In this file, the cookies are set once without consent. __Name:__ The name of the cookie is generated based on the data-name attribute of the .tabs element within the tab container. So, whatever value is stored in the data-name attribute of the .tabs element becomes the cookie's name. __Duration:__ Expires as soon as the browser is closed as its a session based cookie. # 7 __lib/tikiaccesslib.php__ The cookies are set once. __Duration:__ The duration of this CSRF cookie is set to 0, which means it is a session cookie. The cookie is temporary and is automatically deleted when the user closes their browser. __Name:__ The cookie name is generated by appending '_CSRF' to the session name, which is obtained using session_name() __Use:__ This cookie helps in CSRF protection by verifying the token during form submissions or sensitive actions. # 8 __lib/tikilib.php__ The cookies are set once without consent. __Duration:__ 300 days __Name:__ The name of the cookie is dynamically generated using the poll ID. __Use:__ This cookie helps manage voting sessions and ensures that the same user/IP doesn't vote more than once in a poll. # 9 __lib/userslib.php__ This code deletes an existing cookie. __Duration:__ When the user logs out, the function sets the cookie to expire immediately. This is achieved by setting a negative expiration time. __Name:__ The cookie name is stored in the global variable $user_cookie_site. __Use:__ The purpose of this cookie is to store session or authentication information related to the user’s login state. During logout, the cookie is cleared to ensure the user is logged out properly. # 10 - __lib/banners/bannerlib.php__ The cookies are set once without consent. __Duration__: 90 days (or until a specified date). __Name__: The cookie is named dynamically based on the banner's zone. __Use__: Tracks the user's impressions (views) of the banner using a cookie, and limits views if a maximum is specified. # 11 __lib/ckeditor_tiki/tiki-ckeditor.js__ The cookie is set three times, in two different part of the code, without consent. __Duration:__ The cookie is set to last for the duration of the session. This means it will be cleared once the browser session ends. __Name__: wysiwyg_inline_edit __Use:__ This cookie is used to track whether the inline editing mode for the page is enabled or disabled. It helps maintain the state of the page (whether it's in editing mode or not) across different actions. # 12 __lib/comments/commentslib.js__ The cookies are set three times without consent. __Duration: default__ __Name: anonymous_name, anonymous_email, anonymous_website. __Use:__ These cookies are used to store the user's anonymous name, email, and website when they submit a comment. The goal is to remember these details so the user doesn't need to re-enter them the next time they comment. # 13 __lib/jquery_tiki/tiki-admin.js__ The cookies are set once without consent. __Duration:__ default __Name:__ sidebar_collapsed __Use:__ The cookie sidebar_collapsed is set when the sidebar is collapsed, storing the value "y". When this cookie is present, the sidebar remains collapsed even after the user refreshes or revisits the page. If the cookie is deleted (when the sidebar is expanded), the sidebar returns to its expanded state. # 14 __lib/jquery_tiki/tiki-connect.js__ The cookies are set once without consent. __Duration:__ The cookie lasts for the duration of the browser session and is deleted when the browser is closed. __Name:__ show_tiki_connect __Use:__ The cookie tracks whether the "Connect Feedback" option is enabled or disabled in the admin interface elements. # 15 __lib/jquery_tiki/tiki-jquery.js__ Multiple cookies set without any consent. Most of them here save user preferences related to the User Interface, improving user experience without requiring them to reset preferences every time. __Duration:__ default 1. __Name:__ fgalKeepOpen __Use:__ To remember if a gallery or section should remain open based on the #keepOpenCbx checkbox state. 2. __Name:__ Depends on the __foo__ and __section__ parameters passed to hide() and show() functions. __Use:__ To remember the visibility state of specific elements. The cookie stores whether an element is hidden ("c") or shown ("o"). 3. ... # 16 __lib/setup/javascript.php__ The script sets multiple cookies, does not request consent. 1. __Name:__ javascript_enabled __Duration:__ Approximately 1 year (365 days). It sets the cookie with an expiry of one year in milliseconds. __Use:__ This cookie is used to ensure that JavaScript is enabled for better site functionality. 2. __Name:__ javascript_enabled_detect __Duration:__ 1 year __Use:__ This cookie counts the number of detection attempts. The goal is to stop checking after three failed attempts (i.e., when JavaScript remains undetected). 3. __Name:__ runs_before_js_detect __Duration:__ This cookie is deleted upon detection. __Use:__ This was a legacy cookie used in older versions of Tiki to track the number of times JavaScript detection was attempted. It is no longer in use, and the code deletes this cookie. __Key Behavior:__ If JavaScript is enabled, the system sets the javascript_enabled cookie to y and updates the preference. If JavaScript is disabled, or the detection fails after three attempts, the system sets the preference to n and stops further attempts to detect it. # 17 __lib/smarty_tiki/BlockHandler/Tabset.php__ The script sets the cookie once, does not request consent. __Duration:__ default __Name:__ Dynamic name (based on tabset) __Use:__ Keeps the selected tab or toggle state ("Tab View" or "No Tabs") across page reloads or visits. # 18 __lib/soap/soaplib.php__ The script sets cookies multiple times depending on the `$this->cookies` array, with the `allowCookies` variable suggesting that user consent is respected. __Duration:__ default __Name:__ Dynamically set from $cookieName (based on the server's response or request setup). __Use:__ Stores session-related information for maintaining state across SOAP requests. # 19 __lib/tikihelp/menu/ftiens4.js__ The script sets the cookie nine times, does not request consent. __Duration:__ default 1. __Name:__ clickedFolder __Use:__ Stores the ID of folders that were clicked/opened in the UI, preserving the state of open/closed folders. 2. __Name:__ highlightedTreeviewLink __Use:__ Stores the ID of the last clicked or highlighted node in a tree view. These cookies ensure folder and node states are consistent across sessions or page reloads. # 20 __templates/remarksbox.tpl__ The cookies are set once without consent. __Duration:__ default __Name:__ dynamic name in $remarksbox_cookiehash (a unique identifier for the specific remarks box) __Use:__ The cookie helps remember the state of the remarks box. Once closed by the user, this cookie ensures the box stays hidden (or closed) during future visits or page reloads. # 21 __templates/tiki-editpage.tpl__ The cookies are set once without consent. __Duration: default__ __Name:__ preview_diff_style __Use:__ The cookie is set when the user clicks the preview button during page editing to remember the chosen diff style in the preview pane. This allows the preview to maintain a consistent display style as the user makes edits. # 22 __templates/tiki-preview.tpl__ The script contains 2 cookies, does not request consent. __Duration: default__ 1. __Name:__ preview_diff_style __Use:__ This cookie stores the user's chosen style for how they want to see the differences between versions of the wiki page during editing. 2. __Name:__ wiki __Use:__ This cookie ensures that the height of the preview box remains consistent across the session. # 23 __templates/tiki-view_forum.tpl__ The script sets cookies twice, does not request consent. __Duration:__ default __Name:__ anonymous_name __Use:__ Stores the entered name of anonymous users when posting or previewing a comment, so the system remembers it during the session. # 24 __tiki_tests/tiki-tests_record.php__ The script contains two cookies, does not request consent. __Duration:__ expire when the browser is closed. 1. __Name:__ tikitest_record __Use:__ This cookie is used to track the state of a "test" or record-keeping process. 2. __Name:__ tikitest_filename __Use:__ Stores the name of the file associated with the current test or record process. !Essential vs. Non-Essential for Tiki Functionality !!Essential Cookies (required for Tiki to function properly) * __Login Cookie__ (tiki-login.php) Keeps users logged in after closing the browser. * __Session Owner Cookie__ (tiki-setup_base.php) Confirms session ownership to maintain security. * __CSRF Protection Cookie__ (lib/tikiaccesslib.php) Protects against Cross-Site Request Forgery (CSRF) attacks. * __User Logout Cookie__ (lib/userslib.php) Clears session and authentication information upon logout. * __javascript_enabled__ (lib/setup/javascript.php) Detects if JavaScript is enabled, which is crucial for many Tiki features. * __SOAP Session Cookie__ (lib/soap/soaplib.php) Maintains state across SOAP requests (if using SOAP services). * __Folder Click Cookie__ (lib/tikihelp/menu/ftiens4.js) Tracks folder state in the user interface. !!Non-Essential Cookies (enhance functionality but not critical for basic operation) * __comzone__ (comments.php) Tracks if the comments section should be shown or hidden. * __tabs__ (tiki-discount.php) Stores the current tab in the discount management interface. * __Tab Container Cookie__ (lib/tiki-js.js) Stores tab states in the user interface for convenience. * __Poll Voting Cookie__ (lib/tikilib.php) Prevents multiple votes on the same poll. * __Banner View Cookie__ (lib/banners/bannerlib.php) Tracks banner impressions for advertising purposes. * __wysiwyg_inline_edit__ (lib/ckeditor_tiki/tiki-ckeditor.js) Tracks the state of inline editing mode. * __anonymous_name (comments)__ (lib/comments/commentslib.js) Stores the anonymous user name for commenting. * __sidebar_collapsed__ (lib/jquery_tiki/tiki-admin.js) Keeps the sidebar collapsed state. * __show_tiki_connect__ (lib/jquery_tiki/tiki-connect.js) Tracks the Connect Feedback option in the user interface. * __UI Preferences__ (lib/jquery_tiki/tiki-jquery.js) Saves user interface preferences for a better experience. * __Tabset State Cookie__ (lib/smarty_tiki/BlockHandler/Tabset.php) Stores tabset state for consistent tab visibility. * __Remarks Box Cookie__ (templates/remarksbox.tpl) Stores the state of the remarks box. * __Preview Diff Style Cookie__ (templates/tiki-editpage.tpl) Tracks preview diff style in page editing. * __wiki (preview height)__ (templates/tiki-preview.tpl) Keeps the height of the preview box consistent. * __anonymous_name (forum)__ (templates/tiki-view_forum.tpl) Stores the anonymous user name for forum posting. * __tikitest_record__ (tiki_tests/tiki-tests_record.php) Tracks test/record state in testing functionalities. * __tikitest_filename__ (tiki_tests/tiki-tests_record.php) Stores the file name during the test/record process. -=Related pages=- * ((Dynamic Content)) * ((PluginCookie))