Note: This is not about the tag-line cookies found in the kernel (we really need to rename those...)
{maketoc}
!Introduction
This page is an explanation of the use of browser cookies in TikiPro. Hopefully, it will help developers to understand the different types of cookies used in TikiPro and help with consistency and standardisation of their use.
!Types
There are a number of types of cookies used in TikiPro.
# The user authentication / session cookie, that is used to track authenticated users and share this information across TikiPro sites using the Remember Me functionality. These cookies should only use the Remember Me cookie settings (cookie_path and cookie_domain), if the Remember Me feature is turned on. The cookie session name __PHPSESSID__ is used in Bonnie, which is actually generated by PEAR:Auth, while the session name __TIKISESSION__ is now used in Clyde, which will affect the Remember Me function between TikiPro versions.
# The menu state cookies are used to keep track of open or closed menus between sessions. These are stored via the __kernel/tiki.js__ using Javascript. These should be site specific and should not have any references to the Remember Me cookie_path and cookie_domain settings.
# The tz_offset cookie is used to calculate client time zone information. TikiPro initially checks if there is a preferred time zone set in the user preferences, and will use this if so. Otherwise, the server's time zone is used and stored in the tz_offset cookie. This is stored via the __kernel/tiki.js__ using Javascript, should be site specific and should not have any references to the Remember Me cookie_path and cookie_domain settings.
!Issues
Currently there are a few issues outlined below.
* Number of cookies per site
** Previously there was a limit reached by the number of cookies produced per site. Every open and closed state of menus was stored in a cookie value, which quickly increased the numbers. Whether this exists as a problem today I am not sure - we need confirmation.
* Remember Me problems
** The Remember Me option (Administration / Users / Login Settings) has been designed to allow a single TikiPro site to authenticate a user and then use this authenticated session for other TikiPro sites. Currently, if the user enters the incorrect cookie domain (without the wildcard prefix '.'), it causes problems. We will provide some sanity checking to ensure this simple problem does not cause grief.
Page History
Date/CommentUserIPVersion
01 Sep 2006 (15:52 UTC)
Stephan Borg218.214.1.11312
Current • Source
Stephan Borg218.214.1.1138
View • Compare • Difference • Source
Stephan Borg218.214.1.1137
View • Compare • Difference • Source
Stephan Borg218.214.1.1136
View • Compare • Difference • Source
Stephan Borg218.214.1.1135
View • Compare • Difference • Source
Stephan Borg218.214.1.1133
View • Compare • Difference • Source
Stephan Borg218.214.1.1132
View • Compare • Difference • Source
Stephan Borg218.214.1.1131
View • Compare • Difference • Source