Possible conflict between ob_start() and a 3rd party script? Possible conflict between ob_start() and a 3rd party script?
 

News:

cpg1.5.48 Security release - upgrade mandatory!
The Coppermine development team is releasing a security update for Coppermine in order to counter a recently discovered vulnerability. It is important that all users who run version cpg1.5.46 or older update to this latest version as soon as possible.
[more]

Main Menu

Possible conflict between ob_start() and a 3rd party script?

Started by flapane, June 14, 2015, 11:13:27 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Print
Go Down Pages1
User actions

flapane

June 14, 2015, 11:13:27 PM
The recent local implementation of the cookie law requests the website owner to block 3rd party cookies (social network buttons, Analytics, AdSense, Disqus) *until* the user has expressed its consent.
I chose a js+php script ( https://github.com/diegolamonica/EUCookieLaw ) that works good with all parts of my website, WP included, but with CPG: I noticed that the script doesn't actually block cookies, with no apparent error noted in Firebug console.
However, it can still read a previously set cookie, called __eucookielaw, and the cookie notice banner won't pop-up, if the user has already expressed its consent in another part of the website.

I wonder if this is due to the fact that CPG uses:
Code Select
ob_start();
in cpg_get_custom_include(), which I need to include a custom header in CPG.

In fact, the cookie script (which must be included at the top of the header), also uses
Code Select
ob_start("euCookieLaw_callback");

From the official documentation:
Quote
The server-side script intercept the output buffer and will remove the sent cookies when user has not yet approved the agreement.

Then you should include the file eucookielaw-header.php as the first operation on your server. This will ensure you that any of your script or CMS like Wordpress, Drupal, Joomla or whatever you are using, is able to write a cookie if the user doesn't given his consensus.

Direct link to the source code:
JS: https://github.com/diegolamonica/EUCookieLaw/blob/master/EUCookieLaw.js
PHP: https://github.com/diegolamonica/EUCookieLaw/blob/master/eucookielaw-header.php
CSS: https://github.com/diegolamonica/EUCookieLaw/blob/master/eucookielaw.css

I'll appreciate any help.
Flapane
www.flapane.com

Gallery
www.gallery.flapane.com

ΑndrĂ©

#1
June 15, 2015, 10:26:02 AM
I haven't looked closer at the other script. Maybe this plugin solves your issue: http://forum.coppermine-gallery.net/index.php/topic,76197.0.html

flapane

#2
June 15, 2015, 10:31:37 AM
Thanks, I already took a look at that plugin a while ago, but it seems that it blocks cookies set by CPG (and its plugins), while the law requires to block also 3rd party cookies, wherever on the page may they be.

The developer of the plugin I'm using couldn't help me, because he doesn't use CPG.
Flapane
www.flapane.com

Gallery
www.gallery.flapane.com
Print
Go Up Pages1
User actions